Job Type
Job Details
Company Profile
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in more than 41 countries, the Firm's employees serve clients worldwide including corporations, governments, institutions and individuals. For further information about Morgan Stanley, please visit www.morganstanley.com.
Cyber Data Risk & Resilience
The mission of CYBER DATA RISK & RESILIENCE is to deliver first-line defenses to manage risks to Firm technology, information and cyber threats through risk identification, control management and assurance. This allows the business to operate and grow in a secure and legally compliant manner.
Our vision is to deliver Programs that protect and enable the business, ensure secure delivery of services to our clients, adjust to address the risks presented by an evolving threat landscape, meet regulatory expectations, and offer highly attractive career opportunities.
Job Profile
This role is a key member of the Technology Controls Office, supporting various different control enhancement activities. The team is responsible for control development, maintenance, socialization and advisory services, as well as mappings to regulatory requirements and risk management objectives. The team enhances controls based on requests by senior policy coverage area owners.
Key Responsibilities include:
· Working with control owners and SMEs to document controls and ensure they are in alignment with key regulations
· Assessing implementation and adoption level, liaison with Technology divisions on control implementation, document gaps and associated risk
· Assessing the impact of control changes on open issues, risks and regulatory compliance
· Developing / maintaining framework to appropriately scope the controls for various IT asset classes and attributes
Primary Skills
· Proven written and verbal communication skills - to the level of being able to interact directly with department senior management.
· At least 10 years of experience in Technology Risks and Controls
· Experience of policies and standards programs.
· Proven analytical skills.
· Strong awareness of industry standards, best practices and regulatory expectations in respect to technology
· Aptitude for technology and strong understanding of technology concepts and terminology.
· Organizational skills as reflected through a methodical/organized approach to analysis and documentation and the ability to manage multiple tasks simultaneously.
· Significant discretion and respect for confidentiality of sensitive information.
· Proficiency in Microsoft Office suite.
· Proactive self-starter who can identify opportunities for improvement and operate autonomously.
· Demonstrates good judgment.
Good To have Skills
· CISA, CISSP, CRISC, CISM, other Technology Risks and Controls related certifications preferred
· Any experience with ServiceNow CMDB / IT Asset inventories / Configuration Management Systems will be a plus.
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.
For over 88 years, Morgan Stanley has combined old school wisdom with a passion for what's possible. Doing so enables us to provide clients with... Read more