Job Type
Job Details
The Data Security and Infrastructure Risk (DSIR) Team sits within the Wealth Management (WM) Risk organization and strives to find the right balance between risk management and business enablement. The team works to ensure that our clients' sensitive Personally Identifiable Information (PII) is stored and replicated securely, used properly, and accessed by only authorized individuals. The group also helps WM meet or exceed Firm and regulatory standards by applying additional controls in areas such as: Access Management, Business Resilience and Stability, and Vendor Risk. Finally, through client and workforce education and engagement, the team provides resources to help protect our employees and clients from cyber-enabled fraud.
Role Description
The End User Security Team seeks an Associate to serve as a Business Unit Information Security Officer (BUISO) to help ensure the protection of our clients' sensitive PII. This individual will play a key role in driving the implementation of preventative and detective controls to reduce the risk of intentional and unintentional data leakage from WM employees and contingents.
Primary Responsibilities:
- Ensure adherence with Wealth Management's Entitlement Management program, including entitlement design functionality, usage collection and analysis, and strategic initiatives to reduce broad data and PII access
- Support access management integration processes as part of future mergers and acquisitions
- Coordinate, review, and action access/information security exception requests with business management and local risk teams to ensure alignment and risk awareness
- Help the team deliver on the framework and strategy for end user security controls regarding access and exception management
- Participate in various internal reviews and readiness examinations to ensure the business is adequately prepared for all audit, compliance, and regulatory reviews
- Serve in the capacity of a BUISO, performing both critical data security operational work and providing appropriate guidance and best practices upon request
- Maintain an accurate and detailed record of team procedures and request tracking
- Create and analyze ad hoc and regular reporting for management and in support of various governance committee meetings
- Engage with WM Business partners to help create innovative technology and process solutions, balancing risk management and business enablement
- Identify, raise, and discuss information security requirements and resolve any issues in partnership with the Firm's technology and security organizations
Requirements:
- Bachelor's degree
- 3+ years of relevant risk management experience
- Strong writing skills with an ability to summarize complex problems succinctly
- Intrinsic curiosity and an eagerness to learn new technologies and skills
- Understanding of information security, computer systems, network technologies, mobile devices, and peripherals (e.g., monitors, keyboards, printers, etc.)
- Ability to analyze a high volume of data and work in a fast-paced environment
- Strong organization and time management skills, with the ability to swiftly transition between projects and tasks
- Ability to work independently and possess a strong sense of accountability/ownership
- Attention to detail, strong analytical, quantitative, and investigative problem-solving abilities
- Must be results-oriented and have a proactive approach to solving issues
Preferred Qualifications:
- Knowledge of the financial services industry; preferably in wealth management, finance, operations, or technology
- Experience with content and project management tools, including Twiki, SharePoint, Jive, and JIRA
- Experience working in ServiceNow or any other major ticketing system
- Familiarity with visualization tools (e.g., Tableau, QlikView, Dataiku)
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.