MS Wealth Management (MSWM) Operational Risk - AVP
The Morgan Stanley Wealth Management (MSWM) Business Infrastructure Risk team is responsible for approximately 28,000 Wealth Management professionals by ensuring that a robust business and technology control infrastructure is in place. The Business Infrastructure team assists with policy and procedures, information security, systems oversight, vendor management, business continuity planning, and firm wide risk procedures and initiatives.
Key Responsibilities will include but not limited to the following:
- Maintain and continuously develop the Firm's Entitlement Management program including Access/Entitlement Management application clean-up and entitlement mapping initiatives.
- Coordinate and communicate with Technology, Information Risk, and various Wealth Management business groups to ensure that the appropriate information security controls are in place.
- Conduct reviews of IT systems and related security processes/supporting infrastructure, identify potential control gaps and appropriate solutions.
- Participate in various internal reviews and readiness examinations to ensure the business is adequately prepared for all audit, compliance and regulatory reviews.
- Perform analysis by leveraging various data analytics tools/applications, the results of which will then be presented for senior management and utilized firm wide reporting.
- Report risk management issues and internal control deficiencies to ensure that issues and appropriate corrective action plans are in place.
- Ensure that operational risk incidents are properly tracked, resolved, and recorded via the central incident management system.
- On a daily basis, seek to prevent data leakage as well as identify instances of unauthorized disclosures of confidential information all of which could result in reputational, regulatory & financial damage to the firm.
- Knowledge of the financial services industry; preferably in the Wealth and Investment Management areas, finance, operations, and technology.
- Approximately 3-5 years of professional experience.
- Prior internal audit experience with a strong understanding of the IT process, risk, and control frameworks (e.g., COBIT 5, ITIL). Prior experience of testing application and information technology controls.
- Strong project management skills with the ability to work independently under adequate management supervision. The candidate needs to be self-motivated with strong analytical and problem-solving skills.
- Excellent oral and written communication skills, as the role involves a high amount of interaction with senior management across multiple divisions, including Business, Technology, and Firm Control organizations (e.g. Compliance & Legal)
- Strong working knowledge of MS Office (Microsoft Word, Excel, PowerPoint).
- Series 7 & 66 licensing preferred but not required.
- CPA/CISA preferred but not required.