Massachusetts Veterans Jobs

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management, and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Technology works as a strategic partner with Morgan Stanley business units and the world's leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley's sizeable investment in technology results in quantitative trading systems, cutting-edge modeling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients' businesses and to our own.

The Business Information Security & Risk Management (BISRM) team enables the Business and Technology to form a holistic view of identified risk and collaboratively make risk-based decisions in mitigating the risk to the firm while still enabling and ensuring velocity for the business. In addition to advising Technology Senior Managers on their risk posture, the team is also responsible in enabling Technology divisions to proactively embed and align security, governance and compliance through the implementation of solutions based on the firm's security policies and controls. The team advise on the firm's Technology Policy & Standards, perform risk assessments and tests of controls, and deliver risk-reporting capabilities. The team handles responses to regulatory, audit, and client inquiries about the Firm's technology risk, control framework, and fulfil Technology Risk Governance Committee responsibilities.

The Security Architecture & Design Manager is responsible for improving the overall security posture of Morgan Stanley Investment Management. The successful candidate will evaluate, test and document security solutions and controls, and work closely with other security team members within Business Information Security & Risk Management BISRM and Cyber Data Risk & Resiliency CDRR overall to remediate risk while ensuring the business is able to innovate and meet its business objectives through the implementation of technology initiatives.

The Information Security Architecture & Design Manager must continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business. Information security analysts collaborate with internal and external audit and exam teams, along with technology management and business stakeholders.

Essential Job Duties:
- Partner with MSIM Technology and Business developers & engineers to understand business initiatives and assist in delivering secure on premise & in the cloud infrastructure through the alignment to the Morgan Stanley Security Control Blueprints.
- Assist MSIM Technology and Business developers & engineers through the Security Design tollgates of obtaining Permit to Build and Permit to Operate by engaging Security Design Analysts and quickly remediating issues with the goal of mitigating the risks to the firm but enabling the business on a timely basis.
- Fully understand the Morgan Stanley Security Control BluePrints and Security Design Processes to be able to train developers in understanding the concepts and processes of secure development of on premise, in the cloud and SaaS solutions.
- Assist with security configuration standards for systems and business applications.
- Serve as a member of the information security. change management and technical risk oversight squad/teams.
- Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met.
- Interface with internal and external auditors for risk assessments.
- Recommend new security solutions as well as effective improvements to existing security controls that do not negatively impact business innovation.

Skills and Experience
- At least 5 years of information security experience with the focus on application and infrastructure focus
- Expertise in cloud security regarding infrastructure and application development within AWS and Azure platforms
- Expertise in DevOps/CICD pipeline on premise and cloud environments such as AWS and Azure.
- Expertise in incident response and system monitoring and analysis.
- Experience with compliance requirements and Audit engagements (GLBA, SOX, SOC, regulatory agencies, and Internal Audit etc.).
- Ability to effectively communicate business risk as it relates to information security.
- Experience in conducting risk assessments that protect the business and adhere with compliance and privacy laws.
- Knowledge of multiple computing platforms, including Windows, OSX, Linux, Unix, networks and endpoints.
- Experience with vulnerability and penetration testing processes and tools including Nessus, Rapid 7 or Qualys.
- Experience with configuration management, change management, project management methodologies and tools including Cherwell or ServiceNow.

Additional Qualifications
- Possesses highly effective communications skills with the ability to influence business units.
- Acts with integrity, takes pride in work and seeks to excel, be curious and adaptable.
- Displays an analytical and problem-solving mind-set.
- Is highly organized and efficient.
- Leverages strategic and tactical thinking.
- Works calmly under pressure and with tight deadlines.
- Demonstrates effective decision-making skills.
- Is highly trustworthy and leads by example.
- Stays current with evolving threat landscape.

Education Requirements: Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent a plus.

Certification Requirements: SANS GSEC, SSCP, Security , GCIA, CISSP and CCSP.

Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.

It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.

Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).

Expected base pay rates for the role will be between $180,000 and $260,000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.

Job: *Threat Management

Title: Security Architecture & Design Manager

Location: Massachusetts-Boston

Requisition ID: 3233272

Other Locations: Americas-United States of America-Georgia-Alpharetta, Americas-United States of America-Maryland-Baltimore, Americas-United States of America-Virginia-Arlington, Americas-United States of America-New York-New York