Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in more than 41 countries, the Firm’s employees serve clients worldwide including corporations, governments, institutions, and individuals. For further information about Morgan Stanley, please visitwww.morganstanley.com.
Technology and Operations Risk’s mission is to deliver first line defenses to manage Cyber and Fraud risks to Morgan Stanley’s technology, operations and information through risk identification, control management and assurance. This allows the business to operate and grow in a secure and legally compliant manner. The team’s vision is to deliver programs that protect and enable the business, ensure secure delivery of services to clients, adjust to address the risks presented by an evolving threat landscape and meet regulatory expectations.
*Role Description: *
Morgan Stanley is looking for a talented individual to join a team of information security experts responsible for protecting Firm, client, and employee sensitive/confidential data. The Incident Response team is responsible for managing the detection and reporting of information security and insider threat incidents, supporting all Firm Business Units. The team coordinates with the Business Units, Legal, Corporate Security and IT to gather incident details, assess risk and assist with remediation, ensuring compliance to regulatory and Firm standards.
The selected candidate will be in Bangalore, working with a global team of Information Security professionals.
Note: This is a semi-technical role, involving insider threat incident handling only. It is unrelated to the CIRT/CERT function, as to what is generally referred to in the market.
Job Profile/ Responsibilities
• Conduct daily review, triage, and escalation of detected, and user reported Insider Threat events
• Collect supporting information and relevant artifacts in support of Incident Response activities
• Coordinate the response to irespond incidents from start to finish, including but not limited to utilizing defined workflows to assess the severity of an incident, appropriate mitigation activities, communication across the organization, and ensuring proper documentation is produced outlining the details of the incident.
• Host calls with senior members of the Firm to develop quick response plans to information security incidents
• Participate in the review of information security incident handling and post-mortem analysis, to highlight control gaps across the organization or process gaps within the team
• Provide general Information Security advisory services to key stakeholders across the Firm as required
• Participate in projects related to operational improvements and tooling
• Provide on call and out of hours support
• Bachelor’s degree or equivalent
• Working knowledge with DLP detection products and log aggregation products
• Ability to analyse data to look for anomalies or appropriately identify potential risk issues requiring further escalation
• Proven experience in investigating and escalating insider threat incidents
• Ability to handle sensitive situations with discretion and maintain confidentiality
• Strong verbal and written English communications skills
• Ability to handle multiple competing priorities, while maintaining attention to detail
• Strong working knowledge of Microsoft Office (Excel, PowerPoint, and Visio)
• Excellent interpersonal skills
• Flexible and self-motivator
• Working knowledge of incident tracking and case management solutions
• Knowledge or experience in supporting Insider Threat mitigation strategies
• Information Security-related Certifications (e.g., CISM, CRISC, CISSP, Security )
• Knowledge in personal data protection or privacy regulations
4 Yrs of in DLP detection products and log aggregation products
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.
Job: *Threat Management
Title: *Core Analyst Technical *
Location: Non-Japan Asia-India-Karnataka-Bengaluru
Requisition ID: 3207549