Company Profile Morgan Stanley is a global financial services firm and a market leader in investment banking, securities, investment management and wealth management services.
With offices in more than 43 countries, the people of Morgan Stanley are dedicated to providing our clients the finest thinking, products and services to help them achieve even the most challenging goals.
As a market leader, the talent and passion of our people is critical to our success. We embrace integrity, excellence, team work and giving back.
Technology The Technology division partners with our business units and leading technology companies to redefine how we do business in ever more global and dynamic financial markets.
Our sizeable investment in technology results in leading-edge tools, software, and systems. Our insights, applications, and infrastructure give a competitive edge to clients’ businesses and to our own.
Technology Risk's (Tech Risk) mandate is to enable the Firm to manage its technology related risks. The department executes the first line of defense technology risk management capabilities and implements proactive, comprehensive and consistent risk management practices across the Firm.
and adjusts to risks presented by an evolving threat landscape. The department delivers a range of operational capabilities, as well as suite of advanced detection, monitoring and analytics, and also provides expert advice on secure design and development and control effectiveness.
Tech Risk manages responses to regulatory and client inquiries about the Firm’s technology environment and ensures Technology divisions meet governance and oversight obligations along all lines of defense, driving material and measurable risk reduction.
Tech Risk maintains strategic relationships with external entities, both public and private, to facilitate information sharing and innovation in financial services, technology and government, and is also responsible for building risk education and security awareness programs to increase vigilance across the Firm.
Position Description Morgan Stanley is looking for a talented individual to join a team of information security experts responsible for protecting Firm, client, and employee sensitive / confidential data.
The Incident Response team is responsible for managing the detection and reporting of information security and insider threat incidents, supporting all Firm Business Units.
The Team coordinates with the Business Units, Legal, Corporate Security and IT to gather incident details, assess risk and assist with remediation, ensuring compliance to regulatory and Firm standards.
This is a non-technical role and the selected candidate will be located in Montreal, working with a global team of IT Security professionals.
Responsibilities - Support the daily coordination and remediation of insider threat events with teams that support the Incident Response process and Business Unit Risk Officers -
Effectively gather, accurately record, and appropriately communicate incident details - Manage Incident Response efforts to assess the criticality of an incident, appropriate mitigation activities, communication across the organization, and ensure proper documentation is produced outlining the details of the incident -
Ensure that incident management is consistent across all parts of the business - Proactively participate in the continuous review of information security incidents and root causes, in order to highlight control gaps across the organization or process gaps within the team -
Compile and validate statistical data for management reporting - Provide general Information Security advisory services to key stakeholders across the Firm -
Participate in various projects related to operational improvements and tooling - Serve as focal point for larger incidents, including providing awareness and debriefing to senior management -
Provide on call and out of hours support Skills required - 5-7 years of experience in a similar role - Bachelor Degree in a related field -
Experience in Incident Management, Information Security, and familiarity with data privacy matters - Ability to handle sensitive situations with discretion and maintain confidentiality -
Very strong verbal and written English communications skills - Ability to effectively host calls with senior members of the Firm to develop quick response plans to information security incidents -
Ability to handle multiple competing priorities, while maintaining attention to detail - Strong working knowledge of Microsoft Office (Excel, PowerPoint, and Visio) -
Excellent interpersonal skills - Flexible and self-motivator Skills Desired - Experience of Archer Security Management, Symantec DLP or other DLP applications -
Knowledge or experience in supporting Insider Threat mitigation strategies Knowledge of French and English is required. Morgan Stanley is an equal opportunities employer.
We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. *LI-FP7