Infrastructure Control Analyst

Job Description.
Position Title: IT Infrastructure Risk and Control Specialist.
Location: [Insert Location].
Reports To: [Insert Reporting Manager/Title].
Job Summary: The IT Infrastructure Risk and Control Specialist is responsible for overseeing and managing risk, compliance, and control activities related to IT infrastructure within a regulated environment.
This role involves analyzing data, generating reports, facilitating communications, and ensuring adherence to regulatory and organizational standards.
The incumbent will also act as a liaison between Infrastructure, IT Risk, Audit functions, and Technology teams to uphold risk management practices and compliance.
Key Responsibilities: Risk and Control Management.
Support all IT Infrastructure pillars in managing audit and risk control activities.
Analyze data, generate report packs, facilitate meetings, and engage with control functions to ensure Infrastructure meets risk and control reporting requirements.
Support the management of self-identified risk issues and remediation processes, aligning with broader IT Risk Management processes.
Stakeholder Engagement.
Establish and maintain effective relationships between IT Infrastructure, IT Risk, Second Line of Defense (2LOD), Third Line of Defense (3LOD), and Technology teams.
Collaborate with internal and external audit teams, facilitating smooth information flow, evidence submission, and audit issue resolution.
Risk Reporting and Metrics.
Develop and distribute Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for Infrastructure.
Serve as the first point of contact for queries related to risk metrics and performance indicators.
Compliance and Governance.
Ensure compliance with organizational policies, standards, and procedures related to IT Infrastructure.
Maintain awareness of data security governance and regulations, including SOX, GDPR, and FFIEC requirements.
Operational Efficiency and Improvement.
Identify opportunities for service improvement within the Bank and Securities functions and across the broader MUFG group.
Support risk and control self-assessments within the department, embedding risk awareness across technology teams.
Technical Oversight.
Understand IT Infrastructure, including key technologies such as databases, networks, servers, and storage, and their interplay with Information Security principles.
Ensure Infrastructure aligns with regulatory and security standards.
Qualifications and Experience: Essential Experience: Experience working within or alongside control functions in a regulated environment, understanding interactions with Technology.
Proven experience managing internal and external audit processes, including evidence submission and issue remediation.
Expertise in risk-related metrics, including KPIs and KRIs.
Familiarity with self-identified issue management, including lifecycle tracking and remediation.
Proficiency in Microsoft Office, including documentation, spreadsheet management, and creating presentations.
Desirable Skills: Basic understanding of IT Infrastructure technologies and their role in supporting applications and information security.
Knowledge of compliance frameworks such as SOX, GDPR, and FFIEC.
Strong analytical and communication skills for effective stakeholder engagement.
Competencies: Strong relationship-building skills underpinned by trust and adherence to core organizational values.
Ability to embed risk and control awareness across technology teams.
Exceptional organizational skills with a keen eye for detail in risk analysis and reporting.
Key Attributes: Self-starter with a proactive approach to risk management.
Ability to work collaboratively across multiple teams and functions.
Commitment to delivering high-quality risk and compliance outcomes.
Show more Show less