VP - Authentication Services Lead

Corporate Technology is responsible for the operation, development and support of all applications across all areas of the business. Corporate Technology ensures IT strategy, architecture and solutions are aligned to business requirements. Authentication Services form part of the Risk, Security and Control (RSC) team. RSC are collectively responsible for ensuring IT Security is managed through Identity and Access Management and Cyber Security. Additionally, RSC ensures all risks are recorded and where possible mitigated and IT controls, procedures and policies are implemented successfully., An exciting opportunity is available to join this group for an Identity and Access Management Specialist, who will lead a team and provide the technical capability to support the creation of a strategic direction for the Authentication and associated tool set, together with supporting and maintaining overall service health, vendor management and ensuring the direction taken on the Authentication roadmap aligns with the overall strategic objectives of the organisation. The Authentication Services team handle day to day management of all Authentication needs of the business achieved via Active Directory on premise, Entra ID for Cloud, CyberArk, all technical documentation, maintenance of platform standards and planning of technical direction and strategy., 1. Govern and advise on technical direction for Authentication, CyberArk and Access Management, especially through technical workshops and 1:1 coaching sessions, to ensure alignment to business strategy. 2. Creation and maintenance of technical guides to convey facts simply and effectively to both peers and those less experienced. 3. Daily management and maintenance of the Authentication, CyberArk and Access Management platform, ensuring service availability; health and performance monitoring & alerting and the maintenance of operational & technical documentation. 4. Balance technical fact / opinion against business risk / delivered service to provide well thought through guidance to support technical staff with incident; problem investigation and project decisions. 5. Proactively initiate investigations for improvements for standard operating processes and procedures, utilising the current owned / licensed tools available, to evidence and escalate issues to the management team. Candidate should be comfortable in communicating with all levels of the management hierarchy. 6. Produce and interpret service performance and security data to provide analysis for investigations; baseline performance and trend reports for management to highlight areas of focus / improvement and on-going change. 7. Play a leading role in documenting, presenting and using direct communication to map software lifecycle, create work breakdown structures (WBS) and the appropriate supporting documentation to ensure that the software remains current and supportable without disruption to the organisation. 8. Lead technical delivery, supporting the programme and project managers delivering specialist tasks to time and cost. 9. Work with the problem management function under the ITIL framework to investigate potential issues through to a timely resolution., Candidates must be able to demonstrate an advanced level of knowledge and experience in the following technical areas:

• Microsoft Active Directory - Advanced trouble-shooting and configuration
• Microsoft Active Directory - Experience of global 10,000+ user multi-Forest Environment
• Entra ID - Advanced troubleshooting and configuration
• Entra ID - management via Powershell modules and Graph API
• CyberArk Privileged Access Management
• DNS configuration and advanced troubleshooting
• Group Policy Objects
• Quest Change Auditor
• Quest Forest Recovery Manager
• Active Directory Certificate Services
• Active Directory Federated Services
• Azure AD Connect configuration
• Azure AD Connect Connectors, sync rules and metaverse queries
• Entra ID Conditional Access Policies
• SSO implementation via SAML and OAUTH
• Powershell script creation
• Powershell Automation and centralised management
• Multi-Factor Authentication configuration via MS Authenticator
• User Lifecycle Management
• Role Based Access Control
MUFG has a hybrid working policy with 3 days a week in the office. We are open to considering flexible working requests in line with organisational requirements. MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership. We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law. At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them! Our Culture Principles
• Client Centric
• People Focused
• Listen Up. Speak Up.
• Innovate & Simplify
• Own & Execute
  
  The IDAM team lead role will manage the existing highly productive Authentication and CyberArk teams. The successful candidate will be expected to familiarise themselves with the processes and procedures of the Bank quickly to be able to support and oversee the day to day platform management and the coaching / mentoring on best practice of operating the identity process. Candidates will be expected to articulate complex technical instruction in plain English to earn the support of senior management stakeholders and those technically less experienced. The role requires an excellent team player; a self-starter with a motivation and desire to seek out & deliver improvements and a drive to document and promote future platform opportunities for approval and funding. Experience of managing personnel both onshore and offshore is essential.
Candidates applying for this role must be able to demonstrate in-depth knowledge of Identity Management, Microsoft Active Directory technologies through either a Microsoft Systems Engineer qualification or at least 5 years' experience working in this speciality. Candidates should also be able to demonstrate practical experience and insight gained through similar roles including in-depth troubleshooting, mentoring and managerial skills.

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world. With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.