Internal Audit Associate - AI Technology
About The Position
We are seeking a highly skilled and experienced Associate to provide audit coverage for application and system infrastructure supporting the Enablement & Innovation Management Technology Audit team. The Internal Audit Division (IAD) drives attention and resources to vulnerabilities by providing an independent and well-informed view and impactful messages about the most important risks facing our Firm. This is accomplished by performing a range of assurance activities to independently assess the quality and effectiveness of Morgan Stanley’s system of internal control, including risk management and governance systems and processes. IAD serves as an objective and independent function within the Firm’s risk management framework to foster continual improvement of risk management processes. This is an Associate level position within Technology Audit, which is responsible for inspecting controls in the applications that support all three lines of business. Since 1935, Morgan Stanley is known as a global leader in financial services, always evolving and innovating to better serve our clients and our communities in more than 40 countries around the world.
Requirements
- Knowledge of technology and AI‑related risks, including application controls, system infrastructure, data management, access management, change management and emerging AI/automation risks
- Strong understanding of audit principles, methodology, tools, and processes (e.g., risk assessments, planning, testing, reporting and continuous monitoring)
- Ability to identify and analyze multiple data sources to inform point of view
- Ability to ask meaningful questions, understand various viewpoints and translate complex technology and AI risks into clear messages to management
- A commitment to practicing inclusive behaviors
- At least 4 years' relevant experience in internal audit, technology risk management, technology audit, data governance or a related control function within financial services or a large, complex organization would generally be expected to find the skills required for this role
Nice To Haves
- Relevant certifications (i.e., CISA, CISSP, CEH, OSCP) preferred
Responsibilities
- Help identify risk and impact to relevant AI to prioritize areas of focus
- Execute and lead aspects of AI-focused assurance activities (e.g., audits, continuous monitoring, closure verification) to assess risk and formulate a view on the control environment
- Assess technical controls across the AI lifecycle, including development, deployment, integration, and human‑override mechanisms
- Perform AI safety, security and operational controls testing, focusing on prompt behavior, output reliability, access and API controls and technical safeguards against misuse or unintended outcomes
- Execute scenario-based testing to evaluate AI behavior under edge cases, misuse scenarios, and control failure conditions
- Contribute to the evolution of AI audit testing approaches, including use of emerging audit tools, data analysis and automation where applicable
- Facilitate conversations with stakeholders on risks, their impact and how well they are managed in a clear, timely and structured manner
- Assist in managing multiple deliverables in line with team priorities
- Solicit and provide feedback and participate in formal and on-the-job training to further develop self and peers
Benefits
- Ample opportunity to move about the business for those who show passion and grit in their work.
- Attractive and comprehensive employee benefits and perks in the industry.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
