Technology Regulatory Risk Analyst

  • Competitive
  • Glasgow, Scotland, United Kingdom
  • Permanent, Full time
  • Morgan Stanley
  • 17 Dec 17 2017-12-17

See job description for details

Company Profile

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Department Profile

The Technology & Information Risk department is seeking a Technology Regulatory Risk Analyst to join a small, global team responsible for supporting the processes to prepare regulatory, audit, and client requests and monitoring resolution of regulatory and audit findings. This includes technology related regulatory examinations as well as ad hoc requests for information.

Team Profile

The Technology Regulation and Client Engagement Team fulfills the following responsibilities for the Technology organization:

- Provide transparency to Technology Senior Management about the status of:

- Fulfilling all technology related regulatory and audit requests received

- Progress with remediating regulatory and audit findings

- Ensure responses to technology related requests are fulfilled efficiently, consistently, accurately, and timely

- Maintain an archive of responses to technology related requests

- Facilitates timely closure of technology related regulatory and audit findings by advising on remediation plan development and execution

- Support the process to respond to client inquiries on MS technology control environment

This position supports the full lifecycle of a request from initiation through to closure and will involve interaction with senior managers and organizational partners including Technology, Regulatory Relations, Operational Risk, Compliance, Legal, and Internal Audit.

Primary Responsibilities

- Support Senior TRCE Activity Lead to define the response required, establish response deadlines, identify impacted technology personnel that will supply and approve the response content

- Document exam activities using the TRCE exam documentation tools

- Mobilize the response effort by notifying impacted personnel and scheduling response preparation meetings

- Serve as a subject matter expert on technology risk management processes and associated regulatory requirements

- Collaborate with personnel tasked with preparing responses to technology related requests to ensure the common goal of an accurate and timely response

- Collect responses and review them to ensure consistent and quality of responses

- Assist in obtaining formal management approval on regulatory responses

- Maintain and track the status of requests and submission.

- Assist in running exam status meetings, updating exam tracker and issuance of status reports

- Liaise with owners of regulatory and audit findings providing advice throughout the finding lifecycle including remediation plan development, execution, and closure.

- Maintain the archive of responses to technology related requests

- Assist with the preparation of exam status reports for technology related requests that will be used in Technology Senior Management regular reporting

- Support the Client Risk RFI process to respond to client inquiries on MS technology control environment


Required Skills

- Awareness of financial markets and regulations impacting technology risk management processes including technology governance, information security, business continuity planning, systems development, project management and supplier management.

- Understanding of risk assessment methodologies, internal controls and industry technology risk management frameworks such as ITIL, NIST, CobiT, and ISO 27001

- Strong analytical skills required to enable accurate assessments of adherence to regulatory requests

- Strong organizational skills and an ability to manage multiple demands and changing priorities.

- Detail oriented.

- Outstanding communication and interpersonal skills.

- Ability to work effectively with all levels of the organization.

- Excellent influencing and negotiation skills.

- Ability to draft high quality written products that are comp

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents. *LI-AM2