Job Description

We offer:

• \xc2\xa7 To work with some of the best professionals in the business - for a firm that values individual intellect as much as teamwork
• \xc2\xa7 State-of-the-art offices that are designed to maximize collaboration
• \xc2\xa7 Flexible working arrangements
• \xc2\xa7 Enriching challenges that provide opportunity for constant learning and advancement
• \xc2\xa7 An environment which is leveraging technology to its highest potential

Team Profile:

Technology Risk\'s (Tech Risk) mandate is to enable the Firm to manage its technology related risks. The department executes the first line of defense technology risk management capabilities and implements proactive, comprehensive, and consistent risk management practices across the Firm.

Tech Risk protects the Firm\xe2\x80\x99s information, systems, and infrastructure from cyber and insider threats; ensures the secure and stable delivery of services to our clients; and adjusts to risks presented by an evolving threat landscape. The department delivers a range of operational capabilities, as well as suite of advanced detection, monitoring and analytics, and also provides expert advice on secure design and development and control effectiveness. Tech Risk manages responses to regulatory and client inquiries about the Firm\xe2\x80\x99s technology environment and ensures Technology divisions meet governance and oversight obligations along all lines of defense, driving material and measurable risk reduction. Tech Risk maintains strategic relationships with external entities, both public and private, to facilitate information sharing and innovation in financial services, technology, and government, and is also responsible for building risk education and security awareness programs to increase vigilance across the Firm.

Position Description:

Morgan Stanley is looking for a talented individual to join a team of information security experts responsible for protecting Firm, client and employee sensitive/confidential data. The Incident Response team is responsible for managing the detection and reporting of information security incidents supporting all Firm Business Units. The Team coordinates with the Business Units, Legal, Corporate Security and IT to gather incident details, assess risk and assist with remediation, ensuring compliance to regulatory and Firm standards.

This is a non-technical role and the selected candidate will be located in Montreal, working with a global team of IT Security professionals.

Responsibilities:

\xc2\xa7 Conduct daily review, triage and escalation of detected, and user reported Insider Threat events

\xc2\xa7 Collect supporting information and relevant artifacts in support of Incident Response activities

\xc2\xa7 Utilize defined workflows to assess the severity of an incident, appropriate mitigation activities, communication across the organization, and ensure proper documentation is produced outlining the details of the incident

\xc2\xa7 Host calls with senior members of the Firm to develop quick response plans to information security incidents

\xc2\xa7 Work with relevant stakeholders to ensure that incident management is consistent across all parts of the business

\xc2\xa7 Proactively participate in the continuous review of information security incidents and root causes, to highlight control gaps across the organization or process gaps within the team

\xc2\xa7 Provide general Information Security advisory services to key stakeholders across the Firm as required

\xc2\xa7 Participate in various projects related to operational improvements and tooling

\xc2\xa7 Provide on call and out of hours support

Qualifications

Required skills:

\xc2\xa7 Bachelor\'s Degree or equivalent experience in a related field

\xc2\xa7 3+ years of experience

\xc2\xa7 Experience in a similar role or working knowledge of Incident Management, Information Security, or Data Privacy

\xc2\xa7 Ability to analyze data to look for anomalies or appropriately identify potential risk issues requiring further escalation

\xc2\xa7 Ability to handle sensitive situations with discretion and maintain confidentiality

\xc2\xa7 Very strong verbal and written English communications skills

\xc2\xa7 Ability to handle multiple competing priorities, while maintaining attention to detail

\xc2\xa7 Strong working knowledge of Microsoft Office (Excel, PowerPoint, and Visio)

\xc2\xa7 Excellent interpersonal skills

\xc2\xa7 Flexible and self-motivator

Skills Desired:

\xc2\xa7 Working knowledge of incident tracking or case management solutions, and DLP detection products

\xc2\xa7 Knowledge or experience in supporting Insider Threat mitigation strategies

\xc2\xa7 Technical or Information Security Certifications (e.g. CISM, CRISC, CISSP)

About us:

Morgan Stanley is a global financial services firm and a market leader in investment banking, securities, investment management and wealth management services. At Morgan Stanley Montreal, we are shaping the future of our global business and contributing to our local community. Our team works across numerous areas.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.

All our positions are located in Montreal, Quebec. We offer a hybrid work environment, combining remote work and attendance in the office.

Knowledge of French and English is required.

Build a career with impact. Visit morganstanley.com for more information.

Morgan Stanley