Security Architect - Technology and Information Risk - VP

Morgan Stanley's Security Architecture team is looking for an experienced Secirty Architect to join their established team.

The Security Architecture (SecArch) team is part of the Technology and Information Risk (TIR) organization. The mission of the team is to protect the Firm by ensuring in-scope technologies built internally, products purchased and services used meet security requirements that include the Firm's Policies, external guidelines, regulatory expectations, and appropriate controls in the areas of information security, secure design, and cyber security. We accomplish this mission via three primary services: architecture consulting, solutions consulting, and design review. This is an influential role within the Security Architecture team; the successful candidate will be working with senior leaders across the enterprise.

Role Profile:

• Lead architecture consulting to construct Security Architectures for a business unit or infrastructure Technology team
• Conduct risk assessment and provide technology risk/requirements to address risks identified. Areas covered: Authentication, Authorization, Auditing; Application Security, Session Security, Vulnerability/Penetration Testing, Input Validation; Secure data transport and storage
• Periodically review security reference architecture (security blueprints) and conduct updates/enhancements to guidance, policies, or other applicable reference materials
• Participate in various Operational and Technology Risk governance processes
• Represent, where applicable, Security Architecture in architecture review committees

Qualifications:

Required Skills:

• Excellent communication skills: written, oral, presentation, listening
• Ability to influence through factual reasoning
• Time management: ability to handle multiple concurrent assessments, plan based deliverable management, strong follow up and tracking
• Strong focus on delivery when presented with short timelines and increased involvement from senior management
• Ability to adjust communication of technology risks vs business risks based on the audience
• Ability to operate in multiple virtual teams, directly manage teams, or ability to operate as a sole-contributor
• Bachelor's Degree with relevant work experience in high-paced, enterprise environment

Security Architecture Skills

• In depth knowledge of application, network and/or platform security vulnerabilities.
• Experience in conducting Information Security, Security Architecture, Audit Assessments. Presenting the outcomes of the assessment and obtaining buy in.
• Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
• The candidate should have working experience in one or more of the following application/network security domains: Authentication: SAML, SiteMinder, Kerberos, OpenId; Entitlements and identity management; Data protection, data leakage prevention and secure data transfer and storage; App Security - validation checking, software attack methodologies
• Cryptography - encryption and hashing

Company Profile:

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.#LI-JM1