Vice President – Cybersecurity and Technology Risk (Operational Risk)
MD, United States Posted 2 days ago
Morgan Stanley has an opening for a Vice President in Cybersecurity and Technology Risk Oversight within the Operational Risk Department.Cybersecurity and Technology Risk Oversight is the practice of identifying, assessing, and helping to identify cyber threats and remediate risks related to the confidentiality, availability and integrity of the Firm’s systems and information, including associated processes and controls. The successful candidate will be responsible for helping execute independent oversight, analysis, and monitoring of risks and controls around the Firm’s technology and cybersecurity.
Top Operational Risks – Provide senior management with an independent view of the Firm’s identified Top Operational Risks related to Firm’s information and technology practice.
Oversight Function – Assess the effectiveness of relevant Control Functions using the following key dimensions:
o Risk Identification: Identify and assess risks related to the information and systems supporting Firm activities globally
o General Oversight: Participate in relevant (or in scope) governance, steering, and working group committees and review metrics and escalation reports to monitor risk and control-related developments, issues and trends
o Procedures / Assessment: Review completeness and execution of relevant procedures and assess assurance mechanisms for how effectively they identify weaknesses or failures of key controls
o Monitoring: Review metrics, industry developments, and escalation reports to monitor risk and control-related developments, issues and trends in the management of technology and cybersecurity risk
Perform Risk Assessments - Assess whether cybersecurity activities and technology controls are designed and implemented effectively so as to verify that risks are mitigated to targeted levels
Identity Theft Prevention Program – Provide reporting and oversight of the firm’s Identity Theft Prevention program, participate in program governance, produce program metrics.
Relationship Management – Liaise and work with Control Function owners and Risk Managers in providing Operational Risk Coverage / Cyber Risk Coverage
Advisory Services – Provide guidance on the evolving technology and cybersecurity risk landscape
Policy & Procedures - Maintain and or oversee relevant policies and procedures related to technology and security processes
Bachelor’s Degree minimum
Minimum of 8 years’ worth of technology and/or cybersecurity related work experience, preferably in the financial services industry
Experience in Risk Management, and preferably with fluency in Operational and or IT Risk
Experience with relationship management
Strong interpersonal skills in order to work in a team oriented environment
Strong project management and organization skills
Ability to multitask and prioritize
Ability to work under pressure and to tight deadlines
Strong analytical and problem-solving skills
Flexible and self-motivator
Excellent communication skills, both verbal and written; ability to produce concise and effective presentations tailored to technical and non-technical audiences
Ability to work in a small team environment, building and maintain a network of contacts and coordinating with a large number of stakeholders
Proficiency in computer network defense, software programming, technology integration, computer science, or related fields.