Live chat
Morgan Stanley

Cybersecurity-Technology Audit Manager

Morgan Stanley - New York City, NY

Company Profile Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 42 countries. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture. Background on the Position Morgan Stanley is seeking a strong Technology Audit candidate to cover, Information Security and Cybersecurity supporting the firm. Cybersecurity Auditors focus on general and infrastructure controls that mitigate cybersecurity risk for the technology supporting the enterprise. The auditor is responsible for understanding, analyzing, and testing the technology controls including those over architecture and configuration, systems development, security and entitlements, production management and governance. Primary Responsibilities �?• Manage projects and supervise staff on audit assignments with primary focus on cybersecurity �?• Design and execute risk-based audit programs in order to assess the design and effectiveness of key technology and/or security controls for critical systems and processes. �?• Partner with Application and Business Auditors, and work collaboratively within a team �?• Maintain ongoing dialog with key stakeholders regarding risks identified and necessary improvements to the control frameworkQualifications Skills required (essential) �?• Five or more years of IT Audit experience �?• Experience in auditing interfaces, infrastructure, data processing and computer general controls �?• Strong understanding of industry standards such as the NIST Cybersecurity Framework, NIST 800-53, PCI-DSS, ISO 27001/02, CIS Top 20 Critical Security Controls (formerly SANS),,and FFIEC �?• Technical knowledge of IT systems, including: o Databases o Operating Systems (UNIX, Linux, Windows, z/OS) o Networking, including VPN, LAN, WAN, WLAN o Firewalls and associated hardware o Backup and Recovery system o Middleware o Virtualization Technologies o Data Loss Prevention tools, Intrusion Detection and Intrusion Prevention tools o Pen Testing Tools o Tools such as Splunk, ArcSight, �?• Good understanding of threats, vulnerabilities, risk, confidentiality, integrity, availability, cryptography, network security, web-based applications architecture and security, network protocols �?• Ability to handle multiple projects while meeting deadlines with minimal supervision �?• Build strong relationships with Technology clients �?• Strong written and verbal communication skills �?• Project planning skills �?• Proven knowledge of auditing standards and procedures, appropriate IT and auditing processes, rules and regulations. Skills desired �?• Experience with Data Analysis using data mining tools �?• Familiarity analyzing results from Pen Testing Tools �?• Practical IT work experience is a plus �?• Scripting and programming experience is beneficial Education requirements : �?• Bachelorâ�?��?�s Degree (Computer Science, Technology, Information Systems or related field) �?• CISA, CISSP, and/or CISM certifications are preferred �?• Offensive Security Certified Professional (OSCP), CSX-F certification, Certified Ethical Hacker (CEH) or similar certifications are desirable �?• Microsoft and Cisco certifications are a plus *LI-ND1Requisition #: 3114872,

17 days 2 hours ago

Morgan Stanley


Cybersecurity-Technology Audit Manager Morgan Stanley - New York City, NY, United States


Location: New York City, NY

Company Profile:
Morgan Stanley, a financial holding company, provides various financial products and services to corporations, governments, financial institutions, and individuals worldwide. The company’s Institutional Securities segment offers financial advisory services on mergers and acquisitions, divestitures, joint ventures, corporate restructurings, recapitalizations, spin-offs, exchange offers, leveraged buyouts, takeover defenses, and shareholder relations, as well as provides capital raising and corporate lending services. This segment is also engaged in sales, trading, financing, and market-making activities, including institutional equity, fixed income and commodities, research, and investment activities, as well as offers financing services, such as prime brokerage, consolidated clearance, settlement, custody, financing, and portfolio reporting services. Its Wealth Management segment provides brokerage and investment advisory services covering various types of investments comprising equities, options, futures, foreign currencies, precious metals, fixed income securities, mutual funds, structured products, alternative investments, unit investment trusts, managed futures, separately managed accounts, and mutual fund asset allocation programs. This segment also offers education savings programs, financial and wealth planning services, annuity and other insurance products, cash management services, trust and fiduciary services, retirement solutions, and credit and other lending products, as well as fixed income principal trading services. The company’s Investment Management segment provides alternative investment products, such as hedge funds, private equity and real estate funds, and portable alpha strategies to institutional and intermediary channels, and high net worth clients, as well as is involved in real estate investing and merchant banking businesses. Morgan Stanley was founded in 1935 and is headquartered in New York, New York.