Cloud Security Architecture Specialist, Vice President

2 days left

Morgan Stanley
Singapore, Singapore
31 Dec 2022
30 Jan 2023
Job Function
Industry Sector
Finance - General
Employment Type
Full Time
Company Profile
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments, and individuals from more than 1,200 offices in 43 countries. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence, and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Morgan Stanley is currently undergoing a transformation as we look to move more workloads to the public cloud and modernize our information technology stack. This is a unique opportunity to grow with a world class organization as the industry undergoes a technology revolution.
This position will be part of the Cloud Security Architecture (CSA) and is part of the Technology & Operations Risk (TOR) organization. The mission of the CSA team is to conduct comprehensive security evaluations and provide architectural/design guidance for current and emerging cloud technologies to be used in the Firm.

This highly leveraged internal position within Morgan Stanley's IT Security organization has excellent growth potential. The CSA team works with IT groups on a global basis to ensure that IT projects are executed using secure and approved patterns.
This role requires hands-on experience in cloud, application and/or infrastructure security, technology risk management in a highly regulated environment as well as great organizational and communication (verbal and written) skills.

Specific role responsibilities include:
- Provide security expertise to engineering and development teams, acting as a project team member providing consulting advise ensuring security requirements are integrated in the project
- Provide specific security expertise to engineering teams by identifying and creating patterns and blueprints for repeatable security, infrastructure and application instantiations. Blueprints and patterns may address such areas as network design, database access, authentication methods, encryption requirements, key management, entitlement design, identity management, logging, input validation, secure data transfer among others. This involves liaising with other technology subject matter experts to build consensus, outlining areas of improvement in written form and explaining concerns early on
- Identify areas of risk on projects where security requirements cannot be fully addressed in the required time frame of the project
- Document and present those risks to senior business, IT and Security team members
- Help identify areas of security the firm might want to invest in improve IT security
- Product security case reports to document and highlight specific risks along with potential mitigations