APAC Risk Officer, Cyber, Data, Risk & Resiliency Management, VP

We’re seeking someone to join our risk function of enterprise technology & risk divisions team as a APAC Risk Officer in Tech Risk Gov & Controls to support Asia regional risk and control self-assessment programs and governance programs, provide a direct support and liaison for senior Asia ETR regional management.

In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities. This is a Cyber, Data, Risk & Resiliency Management Manager position at Vice President level, which is part of the job family responsible for identifying, assessing, and mitigating risks to ensure operational continuity and resilience in the face of potential threats or disruptions that could impact the organization, plus management of ongoing incidents.

Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals.

Interested in joining a team that's eager to create, innovate and make an impact on the world? Read on.

What you'll do in the role:

>Staff, develop and lead one or more teams which is part of a department.

>Analyze multiple sets of information to create summaries for various stakeholders.

>Manage the overall engagement of the Division with Firmwide risk and control groups as appropriate. This includes CDRR(Technology Risk department) Identity and Access Management, Resiliency, Network Security, entitlements, Cyber, data, ORD(Operational Risk Department) and Internal Audit.

>Manage the engagement with Technology Risk teams and SME  in support of agreed controls to monitor and coordinate the implementation and adoption of all applicable processes and tools. Determine the scope and manage the execution of any necessary remediation work to achieve the agreed level of adoption in the Division. For Identity and Access Management, for example, this includes the use of approved provisioning tools, the definition of entitlements models, technology Segregation of Duty tagging, entitlements classification.

>Manage the engagement with Technology Risk to collaborate on the design of new controls or control process for use across Technology. In addition, facilitate the deployment and adoption of new controls and control processes and facilitate the setting of scope for such activity within the Division

>Monitor the completeness and appropriateness of key risk and control related data and raise concerns with data owners and escalate to Divisional management if required. This includes Divisional risk data in the risk register and in the Firm's issue and action plan tracking system (OpenPages), Technology Asset Inventory (TAI) reference data, Technology Access Management (TAM) related roles and Business Continuity data

 >Review and approve certain control related reference data in TAI. This includes new assets, new teams and changes to Segregation of Duty tagging

>Ensure management awareness and governance around progress on risk responses from across the risk and control agenda through regular reporting to management

What you'll bring to the role:

>Experience in effectively executing IT strategy, delivery and complex initiatives.

>Ability to present information in a clear and concise manner to technology and business leadership.

>Advanced understanding of functional area and competent understanding of competitive environment. 

>At least 8 years' relevant experience in technology risk management in the financial services or other regulated industry would generally be expected to find the skills required for this role.

>Familiarity with the Technology risk management framework and control self-assessment process

>Experience of team management / relationship management in a matrix management structure

>Proven leadership skills with excellent track record in delivering high performance

>Experience of risk reporting / dashboard generation / KRIs

>Familiar with regulatory technology requirements, Experience of regulatory and audit engagements local industry forums

>Strong understanding of Asia financial industry business and how technology being leveraged

>Ability to influence and engage with senior management and stakeholders

>Ability to manage expectations and handle high-pressure situations with tight deadlines

>Ability to quickly adapt to changing priorities and demands

>Excellent communication / interpersonal skills and able to interact at all levels of the organization and with local regulators as well as be effective as part of a broader team, additional fluency in regional language highly desired.

>Knowledge and understanding of infrastructure technologies and / or security technologies.

>Self-starter able to complete role with minimal supervision, paying close attention to detail
>Knowledge and understanding of infrastructure technologies and / or security technologies.

>Certifications in the IT Risk area such as CISA, CISSP / CISSM (or equivalent) would be an advantage

>Strong project management skills; proven ability to prioritize business objectives and effectively manage regulatory agenda in a dynamic environment

What you can expect from Morgan Stanley

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 85 years. At our foundation are five core values — putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back — that guide our more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find trusted colleagues, committed mentors and a culture that values diverse perspectives, individual intellect and cross-collaboration. Our Firm is differentiated by the caliber of our diverse team, while our company culture and commitment to inclusion define our legacy and shape our future, helping to strengthen our business and bring value to clients around the world. Learn more about how we put this commitment to action: morganstanley.com/diversity We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.