Information Technology Risk Officer (WM) - Vice President

Posted on Dec 12, 2018 by Morgan Stanley USA

New York, NY 10001
3 Dec 2018
Annual Salary
Company Profile
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Technology works as a strategic partner with Morgan Stanley business units and the world's leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley's sizeable investment in technology results in quantitative trading systems, cutting-edge modelling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients' businesses and to our own.

Position Description Technology Risk Officer Wealth Management Technology (Super Departments)
T&D Divisional Risk Officers are accountable for the practices associated with technology operations risk awareness, identification, assessment, reporting, governance, management, mitigation and/or acceptance and policy compliance within their respective Division. Super Department Level Risk Officers are responsible for providing guidance to IT Management; coordinate, partner, and assist in identifying, evaluating, and reporting on risk controls in a manner that meets compliance, and government regulations; Identify weaknesses in the technology control environment and recommend business justified remedial actions. Facilitate development of a proactive risk culture and a partnership with the division.

Facilitate timely execution of risk agenda and deliverables; including, but not limited to, SOX control documentation and mitigating controls; Entitlement reviews, and remediation of identified conflicts; Audit finding remediation; Technology Control Assessment and associated remediation, Lead to completion risk initiatives and programs; Adoption of security and control tooling, solutions.

Participate in risk working groups to help promote, champion the operational risk agenda across the organization and help enhance the overall risk culture; Support standardization of risk controls, risk management processes and procedures, and ensure adherence to company policy and procedures; Monitor and report on remediation actions and programs addressing technology risks.

Provide direction, support and oversight with respect to identification and management of top risks to PAG core systems and applications
Monitor risk and report on risk agenda to super department senior management

Represent, coordinate and respond to super department deliverables co-chair bi-weekly Risk Coverage working group meeting, bi-weekly issue tracking / status meetings etc

Manage the overall engagement of the Division with Firm wide risk and control groups as appropriate. This includes TIR, Business Risk Management, ORD and Internal Audit we.g. ARA, RCSA, SSAE18, ISRA etc

Entitlement Program support

Provide Information Security (InfoSec) coverage, respond to data leakage incidents, facilitate risk acceptance / exception (secure build) requests that are related to InfoSec

Internal Audit / Regulatory support as it relates to PAG risk coverage functions

PAG Risk & Issue management, e.g. Internal Audit, SecArch, ILM, NAC, PenTest, SRMP (iPRAM) etc

Support regulatory inquiries and internal audits requests across the PAG silo, e.g. Request For Information (RFI) coordination with RiskRFI and Internal Audit teams

BCP / DR support / compliance, e.g. Risk / Post mortem analysis

Data Management Support (Integrity, protection)

Play a key role in assessing risks, interfacing with TIR and AppDev teams, and ensuring that the appropriate risk reduction/mitigations are put in place wrt new technology/applications/vendors

Ensure management awareness and governance around progress on risk responses from across the risk and control agenda through regular reporting to management (e.g. DIRC).

Senior Risk Officers should partner with the BUISOs to report on the progress of Information Security remediation actions to the DIRC and escalate progress issues as appropriate.


Skills Required

Understanding of Operational Risk and associated regulations (e.g., Dodd Frank, Basel, SOX etc), and the associated application to a technology division within Financial Services and Banking.

Strong understanding of Technology Risk Policy

Project / Program Management experience.

Excellent oral and written communication skills, as the role involves a high amount of interaction with senior management across multiple divisions, including Business, Technology, Firm Control organizations (e.g. Compliance & Legal).

Strong analytical and problem-solving skills.

Proficiency in MS Office and related applications (Word, Excel, Powerpoint, Access, Visio, Project)

Self-starter with a can-do approach

Skills Desired

General investment and commercial banking industry knowledge

Prior experience in software development, risk analysis or audit reporting.

Familiarity with SDLC and Project Management methodology a plus.

Comfort working with ambiguity, managing and resolving complex issues.

Knowledge of the Morgan Stanley systems and infrastructure a plus

CRISC, CISA, CISM or comparable certification
Information Technology Risk Officer (WM) - Vice President

Reference: 598336579

Similar Jobs

Vice President - Market Risk Identification

New York, NY

Morgan Stanley USA

Vice President - Liquidity Risk Stress Testing

New York, NY

Morgan Stanley USA

Vice President - Third Party Risk Management

New York, NY

Morgan Stanley USA