Associate – Cybersecurity and Technology Risk (Operational Risk)

  • Competitive
  • Baltimore, MD, USA
  • Permanent, Full time
  • Morgan Stanley USA
  • 14 Oct 18

Associate – Cybersecurity and Technology Risk (Operational Risk)

Morgan Stanley
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
The talent and passion of our people is critical to our continued success as a firm. Together, we share four core values rooted in integrity, excellence and strong team ethic:
1. Putting Clients First
2. Doing the Right Thing
3. Leading with Exceptional Ideas
4. Giving Back
Morgan Stanley is committed to helping its employees build meaningful careers and we strive to be a place for people to learn, achieve and grow.
Firm Risk Management
Firm Risk Management (FRM) enables Morgan Stanley to achieve its business goals by partnering with business units across the Firm to realize efficient risk-adjusted returns, acting as a strategic advisor to the Board and protecting the Firm from exposure to losses as a result of credit, market, liquidity, operational, model and other risks.
Our mission is to serve as the follow roles:
· Independent agent to set consistent principles and disciplines for risk management
· Strategic advisor to Firm management for setting risk appetite and allocating capital
· Industry leader to influence and meet regulatory standards
You will collaborate with colleagues across FRM and the Firm to protect the Firm's capital base and franchise, advise businesses and clients on risk mitigating strategies, develop tools and methodologies to analyze and monitor risk, contribute to key regulatory initiatives and report on risk exposures and metrics to enable informed and strategic decision-making. Through thoughtful analysis and clear communication we are best able to bring our ideas to the table and improve the Firm.
Firm Risk Management values diversity and is committed to providing a supportive and inclusive workplace for all employees.
Firm Risk Management's unique franchise promotes:
ü Flat, flexible and integrated global organization
ü Collaboration and teamwork
ü Credible, independent decision-making
ü Organizational influence
ü Creative and practical solutions
ü Meritocratic and diverse culture
Location
The Morgan Stanley Baltimore office is a critical component of the Firm`s Global footprint and has 1,400 employees that provide support and services to the Investment Banking, Securities, Investment Management and Wealth Management Businesses.
Our office at Thames Street Wharf is located in the heart of Baltimore's Inner Harbor. Additionally, the Firm recently expanded downtown and occupies two floors at 100 South Charles in the new, up and coming neighborhood of Harbor Point, adjacent to historic Fells Point.
Morgan Stanley has an opening for an Associate in Cybersecurity and Technology Risk Oversight within the Operational Risk Department. Cybersecurity and Technology Risk Oversight is the practice of identifying, assessing, and helping to identify cyber threats and remediate risks related to the confidentiality, availability and integrity of the Firm's systems and information, including associated processes and controls. The successful candidate will be responsible for helping execute independent oversight, analysis, and monitoring of risks and controls around the Firm's technology and cybersecurity.
Primary Responsibilities
· Governance - Assist in the execution of monthly governance committee meetings and bi-weekly working group meetings attended by global Technology, Information Security and Information Technology Risk leaders, as well as global Business Unit specific ISO heads.
· Relationship Management - Liaise and work with Business Units and Risk Managers in providing Operational Risk Coverage / Cyber Risk Coverage
· Oversight Function - Assess the effectiveness of relevant Control Functions using the following key dimensions:
o Risk Identification: Identify and assess risks related to the information and systems supporting Firm activities globally
o General Oversight: Participate in relevant (or in scope) governance, steering, and working group committees and review metrics and escalation reports to monitor risk and control-related developments, issues and trends
o Procedures / Assessment: Review completeness and execution of relevant procedures and assess assurance mechanisms for how effectively they identify weaknesses or failures of key controls
o Risk Analysis: Analyzing existing technology & security risk issues for themes and trends
o Monitoring: Review metrics, industry developments, and escalation reports to monitor risk and control-related developments, issues and trends in the management of technology and cybersecurity risk
· Advisory Services - Provide guidance on the evolving technology and cybersecurity risk landscape

Qualifications:

· Bachelor's Degree minimum
· Minimum of 3-5 years' worth of technology and/or cybersecurity related work experience, preferably in the financial services industry
· Experience in Risk Management, and preferably with fluency in Operational and or IT Risk
· Experience with relationship management
· Strong interpersonal skills in order to work in a team oriented environment
· Strong project management and organization skills
· Ability to multitask and prioritize
· Ability to work under pressure and to tight deadlines
· Strong analytical and problem-solving skills
· Flexible and self-motivator
· Excellent communication skills, both verbal and written; ability to produce concise and effective presentations tailored to technical and non-technical audiences
· Ability to work in a small team environment, building and maintain a network of contacts and coordinating with a large number of stakeholders
· Proficiency in computer network defense, software programming, technology integration, computer science, or related fields.