CAIA's Career Center is an easy-to-use, comprehensive resource connecting job seekers with employers in the growing AI field. Use your knowledge and credibility to advance your career or build a talented team for your organization. Opportunities targeted to CAIA Charterholders are prioritized.
In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
Operational Risk Cybersecurity, Information Security, and Technology Risk, Executive Director
January 5, 2020
Firm Risk Management (FRM) enables Morgan Stanley to achieve its business goals by partnering with business units across the Firm to realize efficient risk-adjusted returns, acting as a strategic advisor to the Board and protecting the Firm from exposure to losses as a result of credit, market, liquidity, operational, model and other risks.
Our mission is to serve as the follow roles:
Independent agent to set consistent principles and disciplines for risk management
Strategic advisor to Firm management for setting risk appetite and allocating capital
Industry leader to influence and meet regulatory standards
You will collaborate with colleagues across FRM and the Firm to protect the Firm's capital base and franchise, advise businesses and clients on risk mitigating strategies, develop tools and methodologies to analyze and monitor risk, contribute to key regulatory initiatives and report on risk exposures and metrics to enable informed and strategic decision-making. Through thoughtful analysis and clear communication we are best able to bring our ideas to the table and improve the Firm.
Firm Risk Management values diversity and is committed to providing a supportive and inclusive workplace for all employees.
Firm Risk Management's unique franchise promotes:
Flat, flexible and integrated global organization
Collaboration and teamwork
Credible, independent decision-making
Creative and practical solutions
Meritocratic and diverse culture
The Asia Pacific (APAC) Risk Management Division is responsible for the independent identification, analysis, reporting and escalation of all market, credit, liquidity and operational risk exposures arising from business activities, acting independently of business management and providing an effective challenge process.
Morgan Stanley has an opening for an Executive Director as APAC Lead for Cybersecurity, Technology, and Information Security Risk Oversight within the Operational Risk Department. The successful candidate will be responsible for helping execute independent oversight, analysis, and monitoring of risks and controls around the Firm's technology and security risks, including identifying, assessing, and helping to assess the business risk from cyber threats and remediate risks related to the confidentiality, availability and integrity of the Firm's systems and information, including associated processes and controls.
Morgan Stanley is seeking a candidate to join the Operational Risk Department in Hong Kong. The role-holder will be an integral part of the team supporting the execution of the Department's mandate and strategy.
Core responsibilities include:
Threat Analysis – Build and operate the APAC capabilities necessary to provide APAC and Global management with an independent view of the Firm's susceptibility to cybersecurity and technology risks due to the actions of external malicious cyber actors and failures in internal practices and procedures.
Oversight Function – For APAC, lead a team to drive the overall end-to-end assessment of the sufficiency of existing control functions to meet the threats by building and executing necessary regional and Global activities across the following key dimensions:
Risk Identification: Identify and assess risks related to the information and systems supporting Firm activities globally
Risk Measurement: For identified risks, assess magnitude and plausibility of the risks to lead to business consequences by executing bespoke regional and Global capabilities to understand linkages between threats and consequence.
Risk Governance: Participate in relevant (or in scope) governance, steering, and working group committees and review metrics and escalation reports to monitor risk and control-related developments, issues and trends. Provide regular updates to APAC Senior and Executive Management. .
Risk Monitoring: Review metrics, industry developments, and escalation reports to monitor risk and control-related developments, issues and trends in the management of technology and cybersecurity risk
Perform Threat/Control Assessments - Assess whether cybersecurity activities and technology controls are designed and implemented effectively so as to verify that threats are countered and risks are mitigated to targeted levels
Relationship Management – Liaise and work with EMEA and Global Control Function owners and Risk Managers in providing Operational Risk Coverage / Cyber Risk Coverage
Advisory Services – Provide guidance on the evolving technology and cybersecurity risk landscape to regional and global senior and executive leadership in risk management, technology, and the business units.
Policy & Procedures - Maintain and or oversee relevant policies and procedures related to technology and security processes
The position reports both regionally to the APAC Head of Operational Risk and also the Global Head of Cybersecurity, Information Security, and Technology Risk
Bachelor's Degree minimum
Minimum of 10 years' worth of technology and/or security related work experience, preferably in the financial services industry
Experience in risk management is preferred
Strong project management and organization skills
Ability to multitask and prioritize
Strong analytical and problem-solving skills
Flexible and self-motivator
Excellent communication skills, both verbal and written; ability to produce concise and effective presentations tailored to technical and non-technical audiences
Ability to work in a small team environment, building and maintain a network of contacts and coordinating with a large number of stakeholders
Proficiency in a technical area, such as computer network defense, software programming, technology integration, computer science, or related fields
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.
Interested in flexible working opportunities? Morgan Stanley empowers employees to have greater freedom of choice through flexible working arrangements. Speak to our recruitment team to find out more.