Alliance Office Technology Risk Manager, VP - Technology

We're seeking someone to join our team as a VP, Lead Risk & Resilience Management in Tech Risk Gov & Controls to The Technology Risk Manger will be responsible for coordinating/supporting technology risk related activities related to the MS/MUFG Alliance Program including execution of Technology Risk and Information Security/Cybersecurity programs as well as MS/MUFG relationship management/ liaison.

In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities. This is a Lead which is part of the job family responsible for identifying, assessing, and mitigating risks to ensure operational continuity and resilience in the face of potential threats or disruptions that could impact the organization, plus management of ongoing incidents.

Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals.

Interested in joining a team that's eager to create, innovate and make an impact on the world? Read on.

What you'll do in the role:

·         Communicate regularly with product leads across the technology organization and discuss opportunities for improvement to existing and future technology solutions.

·         Large and multiple RFI activities

·         Partner with XPG team and manage technology risk aspects of the project.

·         Support and facilitate data transfer request/requirement, vendor onboarding, employee onboarding, BU entitlement, Issue Management, Risk Acceptance, as well as IT Support MS/MUFG IT SLA License agreement and update as well as SLA performance monitoring.

·         Monitoring/review of vulnerabilities and technology KRIs/KPIs (T30) involved in Project Falcon/Eagle assets.

·         “AllianceQ” program - design/development of new data management procedure, data sharing program, training program, entitlement requirement, etc.

·         Integration of MUFG/Project Falcon reviews into MSMS Governance framework. Support/work with NFR team for Alliance monitoring at Japan NFRC.

·         Define/develop MS/MUFG technology policy/standard/procedure supplement where applicable including corresponding compliance testing.

·         Support MS/MUFG IT Collaboration WG meeting.

·         Support/partner with CDRR Technology Risk Officer supporting Trade Surveillance Technology for MUFG requirement.

·         IAD activities as well as regulatory inquiries related to Alliance Program.

·         Prepare ISO27001, SAS70/SSAE16, SOC2Type2, etc certifications required as technology service provider where applicable.     

Closely with MS Alliance Office team, this role also acts as Cybersecurity liaison between MS and MUFG and facilitate MS/MUFG CISO meetings and related activities:

·         Running/Coordinating periodic MS/MUFG Cybersecurity Alliance meetings

·         Collaboration at Japan FS-ISAC/NISC FIRE cybersecurity tabletop exercises twice a year

·         Establish and maintain cybersecurity incident escalation/communication channel.

·         Facilitate Information security and cybersecurity information sharing/knowledge sharing sessions such as IAM, Hunt, Cyber Intelligence, Tools, Vendor Security Assessment, Fusion, etc. This can include the sessions with our global team.

·         Explore additional collaboration opportunities such as Vendor Security Assessment & Outreach, Threat Hunting and Intelligence program, etc.

The risk manager is also expected to actively seek additional Alliance opportunity and support other teams. These can include:

·         Vendor Security Risk and Vendor Outreach program

·         J-FSA Operation Resilience discussion paper and DORA program.

·         Physical security and Osaka office

·         MS/MUFG co-hosting Japan Summit      

What you'll bring to the role:

·         Ability to effectively manage multiple functions or guide junior staff and initiatives. -Advanced understanding of business line and discipline with some knowledge of competitive environment and other disciplines.

·         Strong Japanese and English capability – JLPT N1/equivalent and STEP Grade1/equivalent.

·         Strong understanding of financial industry businesses and technology risk, cybersecurity, and information security concept and/or experience as technology auditor.

·         Working experience of risk assessment methodologies, internal controls and industry technology risk management frameworks such as ITIL, CobiT, and ISO 27001 and Industry certifications such as ISACA CISA, CISM, CRISC and CISSP.

·         Outstanding communication and interpersonal skills. Ability to work effectively with all levels of the organization. Excellent influencing and negotiation skills

·         Ability to draft high quality written products that are comprehensive, accurate, and tailored to the audience.

·         Strong organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented.

·         A proven track record in global and cross team projects. Strong project management skills

·         Strong analytical skills required to enable independent research and accurate assessments of risk management process effectiveness and adherence to regulatory requirements.

·         At least 6 years' relevant experience would generally be expected to find the skills required for this role. 

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 85 years. At our foundation are five core values —putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back —that guide our more than 80,000 employees in 1,200 offices across 42 countries.

At Morgan Stanley, you’ll find trusted colleagues, committed mentors and a culture that values diverse perspectives, individual intellect and cross-collaboration. Our Firm is differentiated by the caliber of our diverse team, while our company culture and commitment to inclusion define our legacy and shape our future, helping to strengthen our business and bring value to clients around the world. Learn more about how we put this commitment to action: morganstanley.com/diversity

We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.