Cloud Security Specialist 3155682
Morgan Stanley
Montreal, Quebec, Canada, Americas
2d ago

Company Profile

Morgan Stanley is a global financial services firm and a market leader in investment banking, securities, investment management and wealth management services.

With offices in more than 43 countries, the people of Morgan Stanley are dedicated to providing our clients the finest thinking, products and services to help them achieve even the most challenging goals.

As a market leader, the talent and passion of our people is critical to our success. We embrace integrity, excellence, team work and giving back.


The Technology division partners with our business units and leading technology companies to redefine how we do business in ever more global and dynamic financial markets.

Our sizeable investment in technology results in leading-edge tools, software, and systems. Our insights, applications, and infrastructure give a competitive edge to clients’ businesses and to our own.

Technology Risk's (Tech Risk) mandate is to enable the Firm to manage its technology related risks. The department executes the first line of defense technology risk management capabilities and implements proactive, comprehensive and consistent risk management practices across the Firm.

  • Tech Risk protects the Firm’s information, systems and infrastructure from cyber and insider threats; ensures the secure and stable delivery of services to our clients;
  • and adjusts to risks presented by an evolving threat landscape. The department delivers a range of operational capabilities, as well as suite of advanced detection, monitoring and analytics, and also provides expert advice on secure design and development and control effectiveness.

    Tech Risk manages responses to regulatory and client inquiries about the Firm’s technology environment and ensures Technology divisions meet governance and oversight obligations along all lines of defense, driving material and measurable risk reduction.

    Tech Risk maintains strategic relationships with external entities, both public and private, to facilitate information sharing and innovation in financial services, technology and government, and is also responsible for building risk education and security awareness programs to increase vigilance across the Firm.

    Position Description

    Morgan Stanley is looking for a candidate to join the Cybersecurity Team within Technology and Operations Risk. A growth mindset is a must as you will be a member of a new team that is being formed to assess and monitor Morgan Stanley assets hosted in the public cloud (Azure and AWS) and work with the Site Reliability Engineering (SRE) teams to quickly remediate risks that are discovered.

    The candidate should have a strong understanding of cybersecurity and information security with experience in at least one core functional area (e.

    g. Vulnerability Management, Incident Response, Security Engineering, Penetration Testing, Application Security, Red Teaming, etc.

    The candidate should have strong programming skills and the ability to design and develop security automation. Extensive knowledge of the public cloud is not required as you will learn these skills in the role building upon your strong security experience and skills.

    Required Skills :

  • Bachelor’s degree in Computer Science, Engineering or Math is preferred but not required.
  • 5+ years’ experience working in a technical role
  • 2+ years’ experience focusing on cybersecurity and / or information security.
  • Knowledge of information security controls and cybersecurity
  • Desired Skills :

  • Knowledge and experience in a variety of technologies including : UNIX, Windows, Networking, Databases and Storage.
  • Working knowledge of a scripting and programming languages (JavaScript, Python, PHP).
  • Experience with CI / CD pipelines and how to integrate and operate security tools within the pipeline.
  • Experience with Static / Dynamic / Interactive application security testing methodologies and tools.
  • Experience with vulnerability scanners (Qualys, AWS Inspector, Azure Security Center) and / or container scanning tools (Twistlock, Aqua).
  • Understanding of markup languages such as JSON and YAML.
  • Hands-on technical experience designing and / or deploying security solutions using Microsoft Azure and / or Amazon Web Services.
  • Knowledge of French and English is required.

    Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential.

    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form