Associate - Cyber/IT/Information Security (Metrics & Reporting)
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
The talent and passion of our people is critical to our continued success as a firm. Together, we share five core values rooted in integrity, excellence and strong team ethic:
1. Putting Clients First
2. Doing the Right Thing
3. Leading with Exceptional Ideas
4. Giving Back
5. Committing to Diversity and Inclusion
Morgan Stanley is committed to helping its employees build meaningful careers and we strive to be a place for people to learn, achieve and grow.
Firm Risk Management
Firm Risk Management (FRM) enables Morgan Stanley to achieve its business goals by partnering with business units across the Firm to realize efficient risk-adjusted returns, acting as a strategic advisor to the Board and protecting the Firm from exposure to losses as a result of credit, market, liquidity, operational, model and other risks.
Our mission is to serve as the follow roles:
• Independent agent to set consistent principles and disciplines for risk management
• Strategic advisor to Firm management for setting risk appetite and allocating capital
• Industry leader to influence and meet regulatory standards
You will collaborate with colleagues across FRM and the Firm to protect the Firm's capital base and franchise, advise businesses and clients on risk mitigating strategies, develop tools and methodologies to analyze and monitor risk, contribute to key regulatory initiatives and report on risk exposures and metrics to enable informed and strategic decision-making. Through thoughtful analysis and clear communication we are best able to bring our ideas to the table and improve the Firm.
Firm Risk Management values diversity and is committed to providing a supportive and inclusive workplace for all employees.
Firm Risk Management's unique franchise promotes:
• Flat, flexible and integrated global organization
• Collaboration and teamwork
• Credible, independent decision-making
• Organizational influence
• Creative and practical solutions
• Meritocratic and diverse culture
The Morgan Stanley Baltimore office is a critical component of the Firm`s Global footprint and has 1,400 employees that provide support and services to the Investment Banking, Securities, Investment Management and Wealth Management Businesses.
Our office at Thames Street Wharf is located in the heart of Baltimore's Inner Harbor. Additionally, the Firm recently expanded downtown and occupies two floors at 100 South Charles in the new, up and coming neighborhood of Harbor Point, adjacent to historic Fells Point.
Morgan Stanley has openings for Associates in Cybersecurity and Technology Risk Oversight within the Operational Risk Department. Cybersecurity and Technology Risk Oversight is the practice of identifying, assessing, and helping to identify cyber threats and remediate risks related to the confidentiality, availability and integrity of the Firm's systems and information, including associated processes and controls. The successful candidate will be responsible for helping execute independent oversight, analysis, and monitoring of risks and controls around the Firm's technology and cybersecurity.
• Identify and evaluate cybersecurity and technology risks related to the systems and information supporting Firm activities.
• Assess whether cybersecurity activities and technology controls are designed and implemented effectively to verify that risks are mitigated to targeted levels
• Provide subject-matter expertise in cybersecurity and technology to support overall risk management in the Firm, working closely with cybersecurity and technology personnel across the Firm.
• Build and maintain strong positive relationships with the broader risk community and the cybersecurity and technology security operational and development teams.
• Review completeness and execution of relevant procedures and assess assurance mechanisms for how effectively they identify weaknesses or failures of key controls
• Work with risk and control owners in assessing inherent and residual levels risks based on structured risk framework
• Maintain and or oversee relevant policies and procedures related to technology and security processes
• Review metrics and escalation reports to monitor risk and control-related developments, issues and trends
• Review technology and security risk issues as well as internal and external incidents in order to help inform an independent view of the overall technology and security risk posture of the Firm
• Provide monthly and quarterly risk reporting
• Provide guidance on the evolving technology and cybersecurity risk landscape
• Coordinate with colleagues who cover business units and infrastructure groups in discussing impact of technology and cybersecurity risks on business and support processes
• Monitor industry developments in the management of technology and cybersecurity risk Qualifications:
• Bachelor's Degree (minimum)
• 2+ years of technology and/or cybersecurity related work experience, preferably in or applicable to the financial services industry
• Strong interpersonal skills required to work in a team-oriented environment successfully
• Excellent communication skills, both verbal and written; ability to produce concise and effective presentations tailored to technical and non-technical audiences
• Proficiency in computer network defense, software programming, technology integration, computer science, or related fields.
• Strong project management and organization skills
• Ability to multitask and prioritize
• Ability to work under pressure and to tight deadlines
• Flexible and self-motivator
• Strong analytical and problem-solving skills
• Proficiency in MS Office and related applications (e.g. Word, Excel, PowerPoint)