Cyber Response Lead - VP - P5

Company Profile

Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals.

Interested in joining a team that's eager to create, innovate and make an impact on the world? Read on.

In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities.

Cyber, Data, Risk and Resilience:

The Cyber, Data, Risk and Resilience (CDRR) division provides first-line defenses for information and cyber security, fraud, resilience, response and recovery, and technology risk and controls. The organization also includes Morgan Stanley's Firmwide Data Office, International Technology offices, and the Non-Financial Risk Technology organization.

Team Profile

Morgan Stanley is seeking a regional technical leader for our North America Cyber Incident Response Team (CIRT). The CIRT team is responsible for detecting, investigating, and responding to cyber security incidents. The global CIRT is a 24/7 operation with members in key geographical locations. CIRT work core hours in their region with an on-call rotation for critical incidents as needed.

Primary Responsibilities

This is a technical leader role which involves leading a team of security analysts and incident responders. Technical experience is required for the day-to-day running of the team and setting clear priorities on both tactical incident response and strategic projects within the Cyber Security organization.

• Part of the senior management team influential in global decision making and direction of all aspects of the CIRT organization
• Represent CIRT within the North American region, providing the escalation and decision-making authority within the region.
• Manage and lead a regional team of security analysts and incident responders.
• Improve the detection, escalation, containment, and resolution of incidents through strategic projects and engagements with the wider firm's security engineering teams.
• Lead enhancements and adapt existing incident response methods, tools, and processes for the changing threat landscape.
• Maintain knowledge of threat landscape by monitoring OSINT and related sources
• Maintain technical skills through training and exercising skills both individually and as a region.
• Lead investigations of cyber security incidents and threats.

Qualifications:

Candidates should have a strong interest in cyber security and a good understanding of the tactics, techniques, and procedures of attackers. This role requires a detail oriented, critical thinker who can anticipate issues and solve problems. Candidates should be able to analyze large datasets to detect underlying patterns and drive to a root cause analysis.

Required Skills:

• 8+ years experiences with Security Analysis, Incident Response, Red Team (i.e. working in SOC/CIRT/CSIRT/CERT).
• Excellent written and oral presentation skills
• Experience in the management and development of technical security professionals.
• Solid foundation of computing computer security principles, protocols algorithms and techniques.
• Strong analysis, problem solving and critical thinking skills necessary to perform root cause analysis of cyber security issues.
• Understanding of cyber adversarial Tactics Techniques and Protocols (TTPs)
• Subject matter expert in one or multiple areas such as Windows, Unix, firewalls, intrusion detection, network and host based forensics.
• Experience with investigating common types of attacks; network packet analysis; log analysis and reviewing security events.
• Sound understanding of TCP/IP and networking concepts; security alerts and incidents.

Desired skills:

• Prior experience leading incident response teams or other teams within an operational environment such as SOC, IR, DFIR, CIRT, CSIRT, or CERT.
• Creation and implementation of security monitoring use-cases and analytics
• Security product assessments.
• In-depth knowledge of security event management, network security monitoring, log collection, and correlation.
• Industry certifications: GCIH, GNFA, GREM, CISSP, OSCP, or other related certification
• Experience in the financial industry.
• Familiarity with regulatory requirements and compliance standards such as GDPR, PCI-DSS, and NIST CSF.
• Experience in threat hunting and proactive detection of cyber threats.
• Experience with cloud security and cloud-based security tools (e.g., AWS, Azure, Google Cloud Platform).
• Experience with security automation and orchestration tools (e.g., Splunk Phantom, Palo Alto XSOAR).

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren't just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you'll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There's also ample opportunity to move about the business for those who show passion and grit in their work.

Salary range for the position: $160,000 - $200,000 / Yr. The successful candidate may be eligible for an annual discretionary incentive compensation award. The successful candidate may be eligible to participate in the relevant business unit's incentive compensation plan, which also may include a discretionary bonus component. Morgan Stanley offers a full spectrum of benefits, including Medical, Prescription Drug, Dental, Vision, Health Savings Account, Dependent Day Care Savings Account, Life Insurance, Disability and Other Insurance Plans, Paid Time Off (including Sick Leave consistent with state and local law, Parental Leave and 20 Vacation Days annually), 10 Paid Holidays, 401(k), and Short/Long Term Disability, in addition to other special perks reserved for our employees. Please visit mybenefits.morganstanley.com to learn more about our benefit offerings.

Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.

It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.

Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).