Description de poste
Mitsubishi UFJ Investor Services and Banking (Luxembourg) S.A. (MIBL)
is a Bank incorporated in Luxembourg and its majority is owned by Mitsubishi UFJ Trust and Banking Corporation and The Bank of Tokyo-Mitsubishi UFJ, Ltd., two major members of the Mitsubishi UFJ Financial Group, one of the largest financial groups worldwide.
MIBL provides a wide range of services to investors including Global Custody Services and Administration of Investment Funds.
MIBL now has an opening in its Risk Management Department for an:
Internship in Risk Management Department - M/F
(Ref.: IS RMD 09/17)
MIBL is looking for a trainee, for a 6 months period, to work within the Risk Management Department, under the Chief Information Security Officer management.
The Risk Management Department (RMD) comprises different fields as Financial Risk Management (Credit Risk, Market Risk and Liquidity Risk), Operational Risk Management (Operations Risk, Outsourcing Risk, IT Risk, Regulatory/Compliance Risk, Legal Risk, Reputational Risk, Business Continuity Management, New Business & Product Approval) and Information Security (Information Asset Management, IT Security, Document Security).
For the Information Security a Chief Information Security Officer (CISO) is appointed. The CISO reports to the CRO and the trainee will report to the CISO.
Information Security is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical) and comprises beside the Information Asset Management the IT Security (cyber-attack, phishing, virus/worms/Trojan, unapproved access prevention etc.) and Document Security (Security of Client data, Policies etc.).
- Information Security - the trainee is responsible for following the implementation of controls and for performing regular checks, as designed by the CISO:
- Develop and upgrade Information Security controls, and documentation (ISO27001 Standard)
- Participate in development and implementation of the appropriate and effective controls to mitigate identified threats and risks;
- Working in close collaboration with the IT teams to ensure technology risks are managed on time;
- Research and investigate measures that address data security risks and potential losses for reporting purposes;
- Together with the CISO, follow-up on detected security issues and implement solutions to reduce security risks;
- Ensuring local compliance to all Head Office Standards;
- Assist in the research, development, communication, maintaining and working with the operational units on the enforcement of IT security architecture, policies, procedures, solutions and standards;
- Work with internal and external auditors to document and confirm that all security administrative duties are properly performed as well as demonstrate overall compliance;
- Educate employees about their information security and privacy protection responsibilities;
- Report any unusual problem to both CISO and Risk Management Committee;
- Support the Operational Risk team;
- For setting up the Business Continuity Management;
- For the Incident Management (Information Security and IT risk related);
- For Bank procedures and policies follow-up;
- Continuous improvement
- Evaluate and challenge the organization’s success in managing its IT and operational risks;
- Make proposals to improve the coverage of Information Security, IT and operational risks and related action plans;
- Assure a continuous monitoring & update of the Risk Control related working procedures;
- Provide assistance in the set-up of the monthly Risk Management Committee meeting agenda;
- Provide assistance in the set-up of the quarterly Board of Directors meeting documentation;
- Provide assistance in the collection of Information Security information on local Bank’s;
- Provide reasonable assistance in case of trouble-shooting and interdepartmental issues;
- Support in the team resource planning for the risk management department
Knowledge and skills
- Good knowledge of Information Security practice (an ISO27001 certification will be considered as a strong asset)
- Knowledge of the Banking System will be considered as an asset;
- Good communication skills / mutual respect and team spirit;
- High professional consciousness;
- Discretion, efficiency & initiative;
- Good analytical and organizational skills;
- Good communicational skills;
- Good knowledge of English is mandatory (all other language is an asset);
If you are interested in taking up this opportunity, please send your application letter with detailed curriculum vitae to:
Mitsubishi UFJ Investor Services & Banking (Luxembourg) S.A.
Attention: Human Resources Department
287-289, Route d'Arlon
or via jobs.lu