Information Security Officer - Technology Risk Information Security Officer - Technology Risk …

Morgan Stanley
in Glasgow, Scotland, United Kingdom
Permanent, Full time
Be the first to apply
Morgan Stanley
in Glasgow, Scotland, United Kingdom
Permanent, Full time
Be the first to apply
See job description for details

Company Profile:

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Glasgow Profile:

Morgan Stanley’s Glasgow office employs in excess of 1,500 staff across Operations, Technology, Legal and Compliance, Internal Audit, Fund Services and Finance. Due to our growing business, we have a demand for career minded people to join our teams. Our opportunities offer unrivalled scope for progression and training within a fast paced, meritocratic and constantly changing environment. Morgan Stanley pride themselves on maintaining a culture which champions diversity, an inclusive environment for all, recognition and an opportunity to give back to our communities through various local charity partnerships. The office is located centrally and enjoys the additional benefits of an onsite gym and restaurant.

Department Profile:

Technology works as a strategic partner with Morgan Stanley business units and the world's leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley's sizeable investment in technology results in quantitative trading systems, cutting-edge modeling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients' businesses’ and to our own.

Team Profile:

The candidate will be a senior member of the Central Risk Services BUISO team within Technology Risk (TR). The role focuses on the consistent delivery of information security risk services for all divisions within Technology at Morgan Stanley.

The BUISO is responsible for the implementation and effectiveness of the Firm?s Information Security Program within their respective Business Unit (BU). The BUISO should be a senior and influential member within the business who has a broad understanding of the handling of information, the technology used in the processing of information, and the associated risks for their business.

In order to accomplish this, the BUISO may directly execute these responsibilities, or delegate the execution of some or all of these to others within their organization.

Key Responsibilities:

- Leading information security related programs, including processes and procedures in adherence with the Global Information Security Program Policy
- Participating in information security related forums and governance committees at the Firm level
- Identifying, raising and discussing BU-specific information security requirements and resolving any issues in partnership with Technology and Information Risk and/or Corporate Security
- Cybersecurity and Information Security Policy Exceptions management
- Review and evaluate various security policy exception requests
- Manage and report on risks associated with exceptions once granted
- Evaluate/Recommend improvements to exceptions controls and related Firm policy, procedures, standards
- Incident response
- Research, manage and respond to Information Security incidents
- Determine risk impact and severity
- Provision of education and advice/guidance on secure handling & transfer of data & information
- Initiate and manage process improvement/strategic risk reduction initiatives across the team and/or division
- Contribute to the Firm?s Global Cybersecurity and Information Security program


Skills Required:

- Experience in large-scale cyber and information security program implementation, management, oversight, or audit
- General IT Security knowledge and applying best security practices
- Able to interpret security requests, validate that approval processes are followed; track and report on exception grants by referencing documented procedures
- Strong process focus and awareness and good judgement (when to escalate/raise an issue to management)
- Strong analytical skills; able to digest requirements and share feedback, ideas on improvement etc.
- Managing (internal) client relationships and working as part of a distributed team
- Highly motivated; ability to drive project deliverables to fruition/lead meetings with cross-functional and cross-level participation
- Collaborate with internal solutions providers to enhance security solutions and advocate on behalf of users/consumers
- Ability to interpret existing policies, standards, procedures and apply in a real-world setting
- Ability to drive improvements to existing policies, standards, procedures
- Ability to articulate key points clearly and succinctly in meetings and 1:1
- Ability to define a proposed plan/approach based on an initial scope of work
- Ability to manage and interact in a matrixed organization is essential

Skills Desired:

- Accredited InfoSec Certifications
- Understanding of VBA and macros creation in Excel
- Basic understanding of Splunk querying language and reporting capabilities

Interested in flexible working opportunities? Morgan Stanley empowers employees to have greater freedom of choice through flexible working arrangements. Speak to our recruitment team to find out more.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents. *LI-FM1

Learn more about our culture and the opportunities for professional growth at Morgan Stanley in Glasgow on our LinkedIn page and Youtube channel.
Build a career with impact. Apply today.