Morgan Stanley • Posted 1 day ago
$108,000 - $155,000/Yr
Full-time • Director
Hybrid • New York, NY
5,001-10,000 employees

We are seeking an experienced Technology & Cybersecurity Audit Director to lead assurance activities across critical infrastructure, cybersecurity, and business continuity processes. This role is pivotal in assessing and strengthening the Firm’s technology control environment, ensuring resilience against evolving threats, and driving impactful risk management improvements.

The Internal Audit Division (IAD) drives attention and resources to vulnerabilities by providing an independent and well-informed view and impactful messages about the most important risks facing our Firm. This is accomplished by performing a range of assurance activities to independently assess the quality and effectiveness of Morgan Stanley’s system of internal control, including risk management and governance systems and processes. IAD serves as an objective and independent function within the Firm’s risk management framework to foster continual improvement of risk management processes.

This is a Director role in the Technical Specialist function, which is responsible for providing extensive subject matter expertise and reinforcing the ability of business and technology audit teams to appropriately assess risk and determine and execute coverage.

  • Help identify risk and impact to cybersecurity, infrastructure, and technology governance across multiple technology domains, including cloud, virtualization, and emerging threats to prioritize areas of focus
  • Execute and lead aspects of assurance activities (e.g., audits, continuous monitoring, closure verification) focused on cybersecurity, infrastructure, and application controls to assess risk and formulate a view on the control environment
  • Facilitate conversations with technology stakeholders on risks, their impact and how well they are managed in a clear, timely and structured manner
  • Assist in managing multiple deliverables in line with team priorities
  • Partner with application technology and business auditors to deliver integrated audit coverage
  • Solicit and provide feedback and participate in formal and on-the-job training and mentorship to further develop self and peers
  • Minimum 4+ years of IT audit experience auditing cybersecurity controls, infrastructure, and general IT controls
  • Strong understanding of audit principles, methodology, tools, and processes (e.g., risk assessments, planning, testing, reporting and continuous monitoring)
  • Understanding of business line, key regulations and industry frameworks relevant to coverage area (e.g., NIST Cybersecurity Framework 2.0 (CSF 2.0), NIST SP 800-53 Rev. 5, ISO/IEC 27001:2022, PCI-DSS, CIS Controls, FFIEC guidelines, MITRE ATT&CK, OWASP Top 10, 2025 IIA Cybersecurity Topical Requirement, etc.)
  • Familiarity with operating systems (UNIX, Linux, Windows, z/OS), networking (VPN, LAN/WAN, Firewalls), databases, middleware, and cloud platforms (AWS, Azure, Google Cloud)
  • Deep understanding of cybersecurity tools and frameworks, including:
    • Modern SIEM platforms: Splunk Cloud, Azure Sentinel, Google Chronicle
    • SOAR platforms: Palo Alto Cortex XSOAR, IBM QRadar SOAR
    • Identity & Access Management: SailPoint, Microsoft Entra, Okta, cloud-based IAM solutions
    • DevSecOps and CI/CD security: Snyk, Veracode, Checkmarx, GitHub Advanced Security
    • Vulnerability Management: Qualys, Rapid7, Tenable
    • Penetration Testing: Kali Linux, Burp Suite Pro, Cobalt Strike
    • Data Loss Prevention, IDS/IPS, and endpoint security: CrowdStrike, SentinelOne
    • AI/ML-powered audit and analytics: MindBridge AI, AuditPal AI, Deloitte Argus
  • Ability to identify and analyze multiple data sources to inform point of view; data analytics and scripting/programming experience preferred
  • Ability to ask meaningful questions, understand various viewpoints and adapt messaging accordingly
  • A commitment to practicing inclusive behaviors
  • Educational background in Computer Science, Information Systems, or related field
  • Professional certifications such as CISA, CISSP, CISM, OSCP, CEH, CSX-F, AWS/Azure, Cisco preferred