Information Security Incident Response Lead - Québec, Canada - Morgan Stanley

Morgan Stanley
Morgan Stanley
Verified Company
Québec, Canada

3 weeks ago

Sophia Lee

Posted by:

Sophia Lee

beBee Recruiter
Description
Information Security Incident Response Lead (Hybrid)


Job Number:
3233028


POSTING DATE:
Mar 16, 2023


PRIMARY LOCATION:
Americas-Canada-Quebec-Montreal


EDUCATION LEVEL:
Bachelor's Degree


JOB:
Threat Management


EMPLOYMENT TYPE:
Full Time


JOB LEVEL:
Vice President


DESCRIPTION

  • We offer:
  • To work with some of the best professionals in the business for a firm that values individual intellect as much as teamwork
  • Stateoftheart offices that are designed to maximize collaboration
  • Flexible working arrangements
  • Enriching challenges that provide opportunity for constant learning and advancement
  • An environment which is leveraging technology to its highest potential

Team Profile:
Technology Risk's (Tech Risk) mandate is to enable the Firm to manage its technology related risks.

The department executes the first line of defense technology risk management capabilities and implements proactive, comprehensive, and consistent risk management practices across the Firm.


Tech Risk protects the Firm's information, systems, and infrastructure from cyber and insider threats; ensures the secure and stable delivery of services to our clients; and adjusts to risks presented by an evolving threat landscape.

The department delivers a range of operational capabilities, as well as suite of advanced detection, monitoring and analytics, and also provides expert advice on secure design and development and control effectiveness.

Tech Risk manages responses to regulatory and client inquiries about the Firm's technology environment and ensures Technology divisions meet governance and oversight obligations along all lines of defense, driving material and measurable risk reduction.

Tech Risk maintains strategic relationships with external entities, both public and private, to facilitate information sharing and innovation in financial services, technology, and government, and is also responsible for building risk education and security awareness programs to increase vigilance across the Firm.


Position Description:


Morgan Stanley is looking for a talented individual to join a team of information security experts responsible for protecting Firm, client and employee sensitive/confidential data.

The Incident Response team is responsible for managing the detection and reporting of information security incidents supporting all Firm Business Units.

The Team coordinates with the Business Units, Legal, Corporate Security and Technology to gather incident details, assess risk and assist with remediation, ensuring compliance to regulatory and Firm standards.


Responsibilities:


  • Act as a direct manager for several team members, helping define goals, providing performance feedback, and career development.
  • Coach other team members on tools, techniques, and risk analysis of insider threat issues.
  • Host calls with senior members of the Firm to develop quick response plans to information security incidents.
  • Manage Incident Response efforts to assess the criticality of an incident, appropriate mitigation activities, communication across the organization, and ensure proper documentation is produced outlining the details of the incident.
  • Serve as focal point for larger information security incidents, including providing awareness and debriefing to senior management.
  • Manage timesensitive incidents and investigations requiring followthesun coordination.
  • Work closely with other team members to test and document new monitoring tools and/or enhance the existing incident handling procedures.
  • Participate in crossdepartmental tabletop exercises as well as conduct intrateam simulations.
  • Participate in various projects related to operational improvements and tooling.
  • Provide on call and out of hours support.

QUALIFICATIONS

Required skills:

  • Bachelor's Degree or equivalent experience in a related field
  • 7+ years of experience in a similar role or industry (Technology/Financials)
  • Experience as direct manager for an operational team
  • Working knowledge of Incident Management, Information Security, or Data Privacy
  • Ability to handle sensitive situations with discretion and maintain confidentiality
  • Very strong verbal and written English communications skills
  • Organized, attentive to detail, with planning and deductive reasoning skillset
  • Ability to handle multiple competing priorities, while maintaining attention to detail
  • Strong working knowledge of Microsoft Office (Excel, PowerPoint, and Visio)
  • Excellent interpersonal skills
  • Flexible and selfmotivation

Skills Desired:

  • Working knowledge of incident tracking or case management solutions, and DLP detection products
  • Knowledge of internal threat scenarios and mitigation strategies would be a distinct advantage
  • Technical or Information Security Certifications (e.g. CISM, CRISC, CISSP)

About us:
Morgan Stanley is a global financial services firm and a market leader in investment banking, securities, investment management and wealth management services
More jobs from Morgan Stanley
See all jobs of Morgan Stanley