IT Security/ Security DevOps - Associate
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in more than 41 countries, the Firm's employees serve clients worldwide including corporations, governments, institutions, and individuals. For further information about Morgan Stanley, please visit www.morganstanley.com.
Technology & Operational Risk
Technology and Operations Risk's mission is to deliver first-line defenses to manage Cyber and Fraud risks to Morgan Stanley's technology, operations and information through risk identification, control management and assurance. This allows the business to operate and grow in a secure and legally compliant manner. The team's vision is to deliver programs that protect and enable the business, ensure secure delivery of services to clients, adjust to address the risks presented by an evolving threat landscape and meet regulatory expectations
Data Loss Prevention DevOps - Associate:
The Security DevOps associate will be part of the Data Protection fleet providing highest level of security consultancy, development, and operational support of security infrastructure components in the domain of Data Loss Prevention (DLP). The role focuses on the security products and tooling utilized to manage DLP and is suited to an experienced Security Engineer with a proven understanding in enterprise data protection security. An additional key component of this role is project based, with numerous activities to innovate and enhance the services provided within the environment.
The Data Protection Fleet provides a stable, yet agile and dynamic infrastructure platform to support the business functional requirements whilst managing associated risks. The role in question concentrates on the provisioning of DLP security tools and services to internal client groups. Tool development experience is essential to assist the global teams in developing and deploying technology solutions to automate tasks.
The candidate must demonstrate strong technical qualities - preferably in a global environment and ideally within the finance industry.
- Analysis and development of data protection security initiatives
- Providing consultancy and support for Data Loss Prevention products
- Provide architecture assurance on security platform initiatives
- Develop and deploy tooling for operations team usage using Python, Perl, or Shell scripting.
- Participate in calls with internal users and external clients or vendors.
- Maintain security infrastructure, providing stability by following policies, processes, and procedures available
- Provide a secure environment, managing and mitigating risks
- Provide reporting and metrics
- Resolve incidents impacting hosts or environment
- Taking problem ownership, Investigate & Troubleshoot root causes when escalated
- Create, review, maintain and update documentation including documenting & publishing fixes in central knowledge base
- Work with global colleagues to provide globally consistent processes and procedures
- Escalate and liaise with internal/external groups when required, resulting in satisfactory resolution
- Active participation within and amongst squads and colleagues, providing constructive feedback when necessary
- Regularly re-evaluate processes and procedures and instigate service improvement initiatives
- Identify areas for automation and scripting wherever possible
- Maximize the use of existing resources, skills, and technologies for the greatest benefit
- Responsibility for the planning and controlled execution of releases into the managed environment
- Input into Business Continuity Planning and Practices