New York City, NY, United StatesFull Time Posted 7 days ago
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
Technology works as a strategic partner with Morgan Stanley business units and the world's leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley's sizeable investment in technology results in quantitative trading systems, cutting-edge modeling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients' businesses—and to our own.
The mission of the Global Technology division is to provide a highly reliable and commercial technology platform, which supports the Firm's strategy, delivered by an innovative, world-class team of professionals. There are ten divisions within Technology.
Technology Risk (TR) is part of the Global Technology and Data organization and manages operational and technology related risks on behalf of the Firm. The group's key principles are to provide proactive, comprehensive and consistent risk management, to enable the execution of the Firms strategy.
TR's mandate is to enable the Firm to manage its technology and data related risks through implementing proactive, comprehensive and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The TR team partners with the business by ensuring that Technology and Data understands how to manage escalate and monitor risk.
Morgan Stanley is looking for a Security Analyst to join the firm's Cyber Incident Response Team (CIRT). The global CIRT is a 24/7 operation with members in key geographical locations; performing incident response and remediation, campaign assessments, network and host based forensics. Security Analysts work core hours in their region with an on-call rotation for critical incidents.
Investigate cyber security incidents and threats.
Interact with stakeholders and leadership teams as part of the response and remediation efforts.
Improve the detection, escalation, containment and resolution of incidents.
Enhance existing incident response methods, tools, and processes.
Maintain knowledge of technologies and the threat landscape.
Assist during non-core business hours during an emergency, critical or large-scale incident.
Candidates should have a genuine interest in cyber security and a good understanding of the tactics, techniques and procedures of attackers. This role requires a detail oriented, critical thinker who can anticipate issues and solve problems. Candidates should be able to analyze large datasets to detect underlying patterns and drive to a root cause analysis.
2+ years experiences (or equivalent) with Security Analysis and Incident Response (i.e. working in SOC/CIRT/CSIRT/CERT).
Subject matter expert in one or multiple areas such as Windows, Unix, firewalls, intrusion detection, network and host based forensics.
Understand the totality of a threat across multiple technologies and think like an adversary.
Sound understanding of TCP/IP and networking concepts; security alerts and incidents.
Excellent writing and presentation skills are required in order to communicate findings, recommendations and provide status on ongoing investigations.
Experience with investigating common types of attacks; network packet analysis; log analysis and reviewing security events.
Ability to build mitigations to defend against network based threats.
Experience with developing response workflow for security event.
Security product assessments.
Scripting (Python, BASH, Perl, or Powershell), coding or other development experience.
In-depth knowledge of security event management, network security monitoring, log collection, and correlation.
Experience in Splunk usage or administration.
Experience of tearing apart a piece of malware to understand attack vector and purpose.
Industry certifications: GCIH, GNFA, GREM or other related SANS certifications