VP - Cyber, Technology, and Information Risk Manager
Morgan Stanley•Edison, NJ
•Hybrid
About The Position
Morgan Stanley is seeking a Risk professional to join the Cyber, Technology and Information Security (CTIS) Standards team within the Non-Financial Risk Organization in Alpharetta or Baltimore at the Vice-President level. The CTIS Standards team enables the firm to manage and comply with CTIS Rules and Risks by setting standards for controls and risk measurement. It defines the overall framework and standards for effective management of CTIS risks, including monitoring of framework activities.
Requirements
- Degree required with a focus in Risk Management, Compliance, Computer Science, Information Technology or Cybersecurity preferred
- 8+ years of relevant experience would be expected to find the skills required for this role, preferably risk management or compliance experience in the financial services industry, a regulator, a self-regulatory organization, or other heavily regulated industries
- Familiarity with CTIS risk management best practices (e.g., CRI, NIST CSF, ISO 27001, CIS Controls) required
- Strong understanding of financial industry CTIS risks, policies and controls, and the ability to critique relevant language with accuracy and confidence
- Self-motivated with strong analytical, organizational, and problem-solving skills; ability to work independently, demonstrate resourcefulness, develop well-structured proposals, and drive complex tasks from start to finish with high accountability
- Ability to work effectively in a cross-functional, global team
- Excellent communication skills, both verbal and written; ability to tailor communication to technical vs non-technical, senior vs junior audiences
Responsibilities
- Provide independent 2LoD review and challenge of 1LoD technology policy and control standards, ensuring that control objectives and control requirements are complete, risk-aligned, and fit for purpose across defined CTIS domains.
- Work closely with 1LoD standard owners to ensure that 1LoD standards sufficiently address applicable rules, regulatory expectations, and key cyber/technology/information security risks. The portfolio comprises of several dozen domain-aligned standard documents and a few hundred control requirements in total.
- Actively participate at senior governance forums to provide input (support, challenge, dissent etc.) and contribute to firm-wide decision-making.
- Cross-Functional Collaboration: Work closely with other departments to ensure the alignment of risk management activities with broader organizational risk management frameworks. Build and maintain strong positive relationships with the broader risk community.
Benefits
- Medical
- Prescription Drug
- Dental
- Vision
- Health Savings Account
- Dependent Day Care Savings Account
- Life Insurance
- Disability and Other Insurance Plans
- Paid Time Off (including Sick Leave consistent with state and local law, Parental Leave and 20 Vacation Days annually)
- 10 Paid Holidays
- 401(k)
- Short/Long Term Disability
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
