About The Position

We're seeking a Lead Cybersecurity Engineer in Cyber to be responsible for security design tooling and security architecture standards across the firm. This role involves translating compliance obligations into operable, developer-friendly architecture patterns, while directly operating the design governance toolchain that makes those standards real. In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities. This is a Software Engineering position at Vice-President level, which is part of the job family responsible for developing and maintaining software solutions that support business needs. Morgan Stanley, founded in 1935, is a global leader in financial services, continuously evolving and innovating to better serve clients and communities in over 40 countries.

Requirements

  • Bachelor’s degree with 7+ years of work experience in the IT field or equivalent.
  • Demonstrated experience designing and governing SDLC security controls at scale – SAST, SCA, OSS governance, and container scanning.
  • Hands-on experience with policy as code frameworks (OPA, Sentinel, or equivalent) and the ability to review and write policies, not just evaluate vendor tooling.
  • Experience producing architecture decision records, threat models, or equivalent design governance artifacts that served as authoritative references for engineering teams.
  • Strong written and verbal communication, ability to translate architecture decisions into compliance traceability artifacts and executive-facing recommendation documents.
  • Track record of driving adoption through influence.
  • Strong scripting background (Python, PowerShell).

Nice To Haves

  • A degree in Cybersecurity and/or CISSP/CSSLP certification and keen desire to move to security field.
  • Business acumen to support the implementation of SAST, DAST, SCA, Container Security, API Security and IaC tools across the enterprise.
  • Ability to perform code reviews with minimal assistance.
  • A self-starter, with a strong desire for learning new technologies and applying them to solve problems.
  • Expertise in monitoring, alerting, reporting, and data analysis.
  • Experience with two or more of the application build environments like Jenkins, Gradle, Maven.
  • Familiarity with public cloud services.
  • Experience with two or more of the Secure SDLC tools like Github Advanced Security, Snyk, WhiteSource, Sonatype, X-Ray, Wiz.
  • Experience with Threat Analysis.
  • DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc.).
  • Experience with evaluation, integration and onboard of application security tools.

Responsibilities

  • Steward the security architecture standard across all verticals – ADRs, threat models, trust boundaries, and control plane design
  • Produce compliance traceability artifacts mapping architecture decisions to compliance requirements
  • Drive cross-team architecture through influence with principal engineers and engineering leads
  • Support security standards, create templates and patterns to increase the efficiency and adoption of security programs.
  • Operate and evolve the design governance toolchain
  • Define the ADR lifecycles from creation to deprecation and ensure decision records remain the authoritative reference for architecture choices
  • Build integrations between spec platform and dev tooling to make compliance traceability continuous, not periodic

Benefits

  • Comprehensive employee benefits and perks in the industry.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service