About The Position

We're seeking someone to join our team as a Lead cybersecurity engineer in Cyber to be responsible for the security design tooling and security architecture standards across the firm – translating compliance obligations into operable, developer friendly architecture patterns, while directly operating the design governance toolchain that makes those standards real. In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities. This is a Software Engineering position at Vice-President level, which is part of the job family responsible for developing and maintaining software solutions that support business needs. Since 1935, Morgan Stanley is known as a global leader in financial services, always evolving and innovating to better serve our clients and our communities in more than 40 countries around the world. Interested in joining a team that’s eager to create, innovate and make an impact on the world? Read on…

Requirements

  • Bachelor’s degree with 7+ years of work experience in the IT field or equivalent.
  • Demonstrated experience designing and governing SDLC security controls at scale – SAST, SCA, OSS governance, and container scanning.
  • Hands-on experience with policy as code frameworks (OPA, Sentinel, or equivalent) and the ability to review and write policies, not just evaluate vendor tooling.
  • Experience producing architecture decision records, threat models, or equivalent design governance artifacts that served as authoritative references for engineering teams.
  • Strong written and verbal communication, ability to translate architecture decisions into compliance traceability artifacts and executive-facing recommendation documents.
  • Track record of driving adoption through influence.
  • Strong scripting background (Python, PowerShell).

Nice To Haves

  • A degree in Cybersecurity and/or CISSP/CSSLP certification and keen desire to move to security field.
  • Business acumen to support the implementation of SAST, DAST, SCA, Container Security, API Security and IaC tools across the enterprise.
  • Ability to perform code reviews with minimal assistance.
  • A self-starter, with a strong desire for learning new technologies and applying them to solve problems.
  • Expertise in monitoring, alerting, reporting, and data analysis.
  • Experience with two or more of the application build environments like Jenkins, Gradle, Maven.
  • Familiarity with public cloud services.
  • Experience with two or more of the Secure SDLC tools like Github Advanced Security, Snyk, WhiteSource, Sonatype, X-Ray, Wiz.
  • Experience with Threat Analysis.
  • DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc.).
  • Experience with evaluation, integration and onboard of application security tools.

Responsibilities

  • Steward the security architecture standard across all verticals – ADRs, threat models, trust boundaries, and control plane design
  • Produce compliance traceability artifacts mapping architecture decisions to compliance requirements
  • Drive cross team architecture through influence with principal engineers and engineering leads
  • Support security standards, create templates and patterns to increase the efficiency and adoption of security programs.
  • Operate and evolve the design governance toolchain
  • Define the ADR lifecycles from creation to deprecation and ensure decision records remain the authoritative reference for architecture choices
  • Build integrations between spec platform and dev tooling to make compliance traceability continuous, not periodic

Benefits

  • Attractive and comprehensive employee benefits and perks in the industry.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service