Vice President - Security Platform Architect - Technology

Vice President - Security Platform Architect - Cyber Data Risk & Resilience

Company Profile

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in more than 41 countries, the Firm's employees serve clients worldwide including corporations, governments, institutions and individuals. For further information about Morgan Stanley, please visit www.morganstanley.com.

Technology & Operations Risk

Technology and Operations Risk’s mission is to deliver first-line defenses to manage Cyber and Fraud risks to Morgan Stanley’s technology, operations and information through risk identification, control management and assurance. This allows the business to operate and grow in a secure and legally-compliant manner. The team’s vision is to deliver programs that protect and enable the business, ensure secure delivery of services to clients, adjust to address the risks presented by an evolving threat landscape and meet regulatory expectations.

Job Profile

Position: Security Platform Architect
Description
The Enterprise Security Architecture team is a centre of excellence covering the technical architecture and strategy for security services to be operated or consumed within Morgan Stanley.  We support facilitating strategic planning, investment prioritization, and portfolio management, sets technology and provides oversight of adherence to policy, architecture and SDLC standards.
The successful candidate will have responsibilities for:
• Creating “Target State Architecture” in collaboration with the SMEs in engineering as well as other partners across the firm to deliver the core security capabilities and their application across major infrastructure and application environments including the broad Cloud spectrum, SaaS solutions, and data services/technologies.
• Collaborate with the SMEs in engineering as well as other partners across the firm to deliver core security capabilities and their application across major infrastructure and application environments both on premises and in the cloud
• Architecting/designing/documenting strategic cross-discipline security solutions for an array of business problems
• Evaluating/assessing strategic solutions to solve business problems and/or to feedback into the Target State Architecture
• Ensuring adherence to security standards and compliance requirements in all architectural decisions.
This role will have a particular focus on using the above to deliver security across following:
• Public cloud platforms – Azure, AWS (or GCP)
• Data Platforms and Networking solutions for the enterprise
• Software as a Service (SaaS) applications such as M365 etc.
• DevOps, and Containers across on premises and cloud
• Zero trust-based integration with applications and infrastructure
We're looking for an enthusiastic security technologist with excellent communication skills and experience of developing applications, building and/or running scalable infrastructure with a passion for security along with a proven architectural background. The successful candidate will help shape the future security landscape with a strategic outlook coupled to a disciplined design approach. This is an ideal role for someone looking to broaden their existing security knowledge and innovate at scale in an enterprise environment.

Skill Set

Skills Required
• Proven architectural and design background
• Proven background in Security and/or delivering Security solutions
• Strong understanding of cloud platforms (e.g., AWS, Azure, GCP), SaaS applications, and data security technologies.
• Excellent communication skills coupled with a collaborative approach
• Excellent understanding of Enterprise Architecture
• Experience delivering and/or running scalable infrastructure
 
Skills Desired
• Experience using an Architectural Framework (e.g., TOGAF, SABSA, EA etc)
• Experience working in a large, regulated corporate entity
• Broad experience across one or more of: 
• Strong knowledge of data protection regulations, encryption, and data classification.
• Knowledge of security standards, regulations, and best practices (e.g., NIST, ISO, GDPR).
• Zero trust style technologizes and solutions
• Threat modelling processes
• Consultation/collaboration with engineering and business stakeholders to develop target state architectures and provide governance oversight of implementing projects
• Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) are a plus

Qualifications/Criterion

• Bachelor’s Degree
• 10 to 17 years of relevant experience

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.