MUFG Investor Services
Technology Risk & Resilience Manager (Second Line)

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Technology Risk & Resilience Manager (Second Line)
Technology Risk & Resilience Manager
About MUFG Investor Services
MUFG Investor Services is a trusted partner for the world’s largest public and private funds, delivering asset servicing and operational solutions tailored for alternatives. We administer over $1 trillion in client assets, offering fund administration, banking, payments, financing, foreign exchange overlay, regulatory services, custody, business consulting, and more.
Operating globally from 17 locations, we mitigate risk, enhance efficiency, and help clients navigate the complexities of modern investment management. As part of Mitsubishi UFJ Financial Group (MUFG), a global financial institution with $3 trillion in assets, we combine deep expertise with the stability of a market leader.
Visit www.mufg-investorservices.com to learn more.
Job Title & Location
Technology Risk & Resilience Manager (Director Level) – Permanent Full-Time
Locations:
- London, United Kingdom
- Dublin, Ireland
About the Role
This pivotal second-line risk role ensures independent oversight of Technology Risk (IT & Information Security) alignment across our firm, including DORA compliance, third-party risk, and service resilience expectations.
You will challenge first-line risk management processes rather than operate technology controls, focusing on assurance over risk identification, management, and reporting.
Key Responsibilities
Second Line Oversight & Framework Integration
- Define and embed Technology Risk (IT & Information Security) within our Operational Risk Taxonomy and framework.
- Ensure clarity on 1LOD vs. 2LOD accountability, aligned with company governance models.
- Provide independent 2LOD oversight of the technology risk framework, assessing alignment with first-line controls (third-party risk, IT, cybersecurity) and coherence with Operational Risk & Resilience frameworks.
- Advance a consistent service-based view of technology risks by challenging first-line mapping of applications, infrastructure, and third-party ICT services to business services.
Risk Identification, Assessment & Challenge
- Review and challenge first-line risk identification across:
- Application risks
- Infrastructure dependencies
- Information security risks
- Third-party technology dependencies
- Assess:
- Technical risk registers
- Control inventories
- Incident remediation effectiveness
- Impact analysis alignment with regulatory expectations
- Provide credible 2LOD challenge when risk assessments lack supporting evidence.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Operational Resilience
- Integrate Technology Risk into the firm’s Operational Resilience frameworks, including regulatory expectations such as:
- Dependency mapping of critical services
- ICT incident severity classification
- Escalation decisions & regulatory reporting (with technical + operational consideration)
- Review and challenge technology-related incidents, including:
- Severity assessment
- Client impact
- Reporting compliance
- Contribute to resilience testing and scenario analysis from a technology dependency perspective.
Third-Party & Technology Dependency Risk
- Provide oversight of third-party technology risks, ensuring:
- Appropriate risk identification for externally procured applications & infrastructure
- Alignment with Third-Party Risk Management outcomes
- Review of dependency and concentration risks with critical vendors.
Change & Control Environment Oversight
- Oversee and challenge technology-related change activities, including:
- IT BAU changes
- Technology components of business transformation
- Changes to critical services or client-facing platforms
- Conduct thematic reviews of incidents, audit findings, or control gaps, assessing for systemic risk.
Governance & Reporting
- Draft and peer-review committee papers and support periodic reporting to:
- Management
- Governance forums
- Deliver an annual technology risk framework attestation (e.g., DORA compliance).
- Present risk insights for senior management & risk committees, translating technical risks for non-technical stakeholders.
- Support setting, monitoring, and challenging technology-related risk appetite.
Stakeholder Engagement & Collaboration
- Partner with senior first-line leaders and risk functions (e.g., Enterprise Risk, Data Risk, Operational Risk & Resilience) to embed risk principles in business planning.
- Collaborate cross-departmentally within the MUFG group, evidenced ability to engage with CISO, CIO, CTO and manage relationships in a parent company structure.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Qualifications & Experience
Education Requirements
- Post-secondary degree in technology, business, or related field (e.g., IT, Risk, Finance).
- Professional certification (preferred but not essential):
- CRISC (Certified in Risk and Information Systems Control)
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- Fluency in relevant frameworks:
- NIST Cybersecurity Framework
- ISO 27001 / 27002 (Information Security)
- COBIT (Governance of IT).
Work Experience
- 10+ years in second-line or independent risk oversight, specifically Technology Risk (IT Risk, Cyber Risk) in a financial or comparable industry.
- Experience with governance establishment for:
- IT architecture
- Application & EUC (End-User Computing) development/deployment.
- Strong knowledge of:
- Technology risk concepts
- Information security risks
- Third-party technology risks
- Operational resilience principles
- Corporate insurance.
- Ability to work across jurisdictions (e.g., Ireland keen, Cayman exposure a plus).
- Cross-functional collaboration – experience engaging credibly with senior technology and business leaders.
Communication & Functional Skills
- Strong technical-to-business risk translation skills for multiple audiences (including CISO/CTO engagement).
- Proactive, solution-focused mindset with resilience in fast-paced environments.
- Microsoft Excel – advanced proficiency (essential), plus other required tools:
- System/technology onboarding experience preferred.
Preferred skills:
- Power BI, Tableau, Power Apps for data visualisation.
- SharePoint, Microsoft 365 for workflow automation.
What We Offer
More than a career – a positive, progressive culture driven by: ✅ Cutting-edge innovation and client obsession ✅ Learning & development opportunities ✅ Vibrant team culture with global collaboration
Join MUFG Investor Services for excellence at scale – where progress feels personal.
Apply now for a Brilliantly Different career. Note: Only shortlisted candidates will be contacted.
(Rank: Director | Employment: Permanent Full-Time)
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location