We're seeking someone to join our team as an Associate to work in the technology audit team, within Internal Audit, to manage/execute risk based assurance activities.
The Internal Audit Division (IAD) drives attention and resources to vulnerabilities by providing an independent and well-informed view and impactful messages about the most important risks facing our Firm. This is accomplished by performing a range of assurance activities to independently assess the quality and effectiveness of Morgan Stanley's system of internal control, including risk management and governance systems and processes. IAD serves as an objective and independent function within the Firm's risk management framework to foster continual improvement of risk management processes. This is an Associate level position (P2) within Technical Specialist job family, which is responsible for assessing risks and determining and executing coverage of Technology risks.
Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals.
Interested in joining a team that's eager to create, innovate and make an impact on the world? Read on.
What you'll do in the role:
- Execute a wide range of assurance activities which focus on application controls supporting the business processes, including systems development, application security and entitlements, production management, and technology governance (e.g., audits, continuous monitoring, closure verification)
- Understand and adopt new audit tools and techniques
- Develop clear and concise messages regarding risk and business impact within relevant coverage area
- Identify and leverage data to incorporate into analysis of coverage area
- Collaborate with a wide range of internal stakeholders to build effective working relationships and to execute on team deliverables
- Effectively manage multiple deliverables while delivering high-quality work
- Work with the technology audit team, within Internal Audit, to manage/execute risk based audits
- Test controls over applications and system infrastructure, including those over data accuracy, completeness and processing, systems development, change management, data security and entitlements, production management and technology governance
- Identify control gaps and open risks, raise insightful questions to identify root causes and business impact and draw the appropriate conclusions
We're seeking someone to join our team as an Associate to work in the technology audit team, within Internal Audit, to manage/execute risk based assurance activities.
The Internal Audit Division (IAD) drives attention and resources to vulnerabilities by providing an independent and well-informed view and impactful messages about the most important risks facing our Firm. This is accomplished by performing a range of assurance activities to independently assess the quality and effectiveness of Morgan Stanley's system of internal control, including risk management and governance systems and processes. IAD serves as an objective and independent function within the Firm's risk management framework to foster continual improvement of risk management processes. This is an Associate level position (P2) within Technical Specialist job family, which is responsible for assessing risks and determining and executing coverage of Technology risks.
Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals.
Interested in joining a team that's eager to create, innovate and make an impact on the world? Read on.
What you'll do in the role:
- Execute a wide range of assurance activities which focus on application controls supporting the business processes, including systems development, application security and entitlements, production management, and technology governance (e.g., audits, continuous monitoring, closure verification)
- Understand and adopt new audit tools and techniques
- Develop clear and concise messages regarding risk and business impact within relevant coverage area
- Identify and leverage data to incorporate into analysis of coverage area
- Collaborate with a wide range of internal stakeholders to build effective working relationships and to execute on team deliverables
- Effectively manage multiple deliverables while delivering high-quality work
- Work with the technology audit team, within Internal Audit, to manage/execute risk based audits
- Test controls over applications and system infrastructure, including those over data accuracy, completeness and processing, systems development, change management, data security and entitlements, production management and technology governance
- Identify control gaps and open risks, raise insightful questions to identify root causes and business impact and draw the appropriate conclusions
What you'll bring to the role:
- - At least 3 years' relevant experience would generally be expected to find the skills required for this role
- Understanding of audit principles, tools and processes (e.g., risk assessments, planning, testing, reporting and continuous monitoring)
- Ability to communicate clearly and concisely and adapt messages to audience
- Ability to identify patterns and anomalies in data
- A commitment to practicing inclusive behaviors
- Willingness to solicit and provide feedback to further develop self and peers
- Masters'/ Bachelors' Degree (Computer Science or IT related preferred)
- CISA, CISSP or CPA certification (preferred, though not required)
- Strong understanding of industry standards such as the NIST Cybersecurity Framework, NIST 800-53, PCI-DSS, CSA, ISO 27001/02, CIS Top 20 Critical Security Controls (formerly SANS), FFIEC guidelines etc.
- Technical knowledge of IT systems, including:
o Databases
o Operating Systems (UNIX, Linux, Windows, z/OS)
o Networking, including VPN, LAN, WAN, WLAN
o Backup and Recovery system
o Middleware
o Virtualization Technologies
o Penetration Testing Tools
o Tools such as Splunk, ArcSight, WatchTower
- Good understanding of threats, vulnerabilities, risk, confidentiality, integrity, availability, cryptography, network security, web-based applications architecture and security, network protocols
We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 85 years. At our foundation are five core values — putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back — that guide our more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find trusted colleagues, committed mentors and a culture that values diverse perspectives, individual intellect and cross-collaboration. Our Firm is differentiated by the caliber of our diverse team, while our company culture and commitment to inclusion define our legacy and shape our future, helping to strengthen our business and bring value to clients around the world. Learn more about how we put this commitment to action: morganstanley.com/diversity. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry.
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.
What you'll bring to the role:
- - At least 3 years' relevant experience would generally be expected to find the skills required for this role
- Understanding of audit principles, tools and processes (e.g., risk assessments, planning, testing, reporting and continuous monitoring)
- Ability to communicate clearly and concisely and adapt messages to audience
- Ability to identify patterns and anomalies in data
- A commitment to practicing inclusive behaviors
- Willingness to solicit and provide feedback to further develop self and peers
- Masters'/ Bachelors' Degree (Computer Science or IT related preferred)
- CISA, CISSP or CPA certification (preferred, though not required)
- Strong understanding of industry standards such as the NIST Cybersecurity Framework, NIST 800-53, PCI-DSS, CSA, ISO 27001/02, CIS Top 20 Critical Security Controls (formerly SANS), FFIEC guidelines etc.
- Technical knowledge of IT systems, including:
o Databases
o Operating Systems (UNIX, Linux, Windows, z/OS)
o Networking, including VPN, LAN, WAN, WLAN
o Backup and Recovery system
o Middleware
o Virtualization Technologies
o Penetration Testing Tools
o Tools such as Splunk, ArcSight, WatchTower
- Good understanding of threats, vulnerabilities, risk, confidentiality, integrity, availability, cryptography, network security, web-based applications architecture and security, network protocols
We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 85 years. At our foundation are five core values — putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back — that guide our more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find trusted colleagues, committed mentors and a culture that values diverse perspectives, individual intellect and cross-collaboration. Our Firm is differentiated by the caliber of our diverse team, while our company culture and commitment to inclusion define our legacy and shape our future, helping to strengthen our business and bring value to clients around the world. Learn more about how we put this commitment to action: morganstanley.com/diversity. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry.
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.
false