By Morgan Stanley
The IT Security Architecture (SecArch) team is part of the Technology Infrastructure Risk (TIR) organization. The mission of the SecArch team is to provide security assessments of technology systems and processes to identify business risks and recommend remedial action based on established security standards or security best practices.
This highly leveraged internal position within Morgan Stanley's IT Security organization has excellent growth potential.
The security architecture team works with IT groups on a global basis to ensure that IT projects are executed on a secure basis.
The successful candidate will join the Cloud Practice within the larger Security Architecture team. This team reviews security posture of projects involving SaaS, PaaS or IaaS and recommend steps towards the secure usage of Cloud Technologies.
Specific role responsibilities include
Work with network, platform, engineering and development teams in architecture design and review session.
Provide specific security expertise to engineering teams. Areas include secure network design, database access, security testing, authentication methods, implementing encryption, entitlement design, logging, input validation, secure storage design, secure data transfer.
Identify areas of risk on projects where security requirements cannot be fully addressed in the required time frame of the project.
Document and present those risks to senior business, IT and Security team members Help identify areas of security the firm might want to invest in improve IT security.
Create documentation and guidance on the secure implementation of new technologies in the firm. This involves liaising with other technology subject matter experts to build consensus, outlining areas of improvement in written form and explaining concerns early on.
Conduct security training for IT groups
The right candidate will know
Computer Science, or other Engineering Degree; 5 to 8 years of experience in a similar position; Expertise in Infrastructure as a Service, Software as a Service or Platform as a service;
Working knowledge of popular Cloud Vendors and technologies (Amazon, Microsoft Azure and Office365, Google Apps and Compute Engine, Salesforce, Rackspace, OpenStack, etc.
Excellent writing skills; Capacity to see through sales pitches to find inconsistencies and omissions; Interest in working in the security field;
Excellent communication / interpersonal skills; Good team player; Ability to take broad objectives and create and execute a concrete plan;
Ability to influence and engage with senior management; Capacity to manage expectations and handle high-pressure situations with tight deadlines;
Ability to quickly adapt to changing priorities and demands
Salary : $75K - $95K per year
RRSP contributions dollar for dollar
4 weeks’ vacation
100% payment of group insurance
Flexible working hours and the possibility of sometimes working from home
50% gym membership