Data Loss Prevention Associate, Hong Kong
Morgan Stanley is a leading global financial services Firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm’s employees serve clients worldwide including corporations, governments and individuals from more than 42 countries.
Our Core Infrastructure team is hiring a DLP DevOps Associate
to work in the Data Protection Agile fleet, providing highest level of security consultancy and operational support of security infrastructure components in the area of Data Loss Prevention (DLP). The role is particularly well suited to an experienced Systems Administrator or Security Engineer with a proven understanding in enterprise platform security.
The role focuses on the security products and tooling utilized to manage DLP. A key component of the opening is project based work, with numerous activities to innovate and enhance the services provided within the environment.
The Data Protection Fleet provides a stable, yet agile and dynamic infrastructure platform to support the business functional requirements whilst managing associated risks. The role in question concentrates on the provisioning of DLP security tools and services to internal client groups. Tool development experience is essential to assist the global teams in developing and deploying technology solutions to automate tasks.
- Analysis and development of platform security initiatives
- Providing consultancy and support for Data Loss Prevention products.
- Provide architecture assurance on security platform initiatives
- Develop tooling (as required) for operations team usage using Python, Perl or Shell scripting.
- Participate on calls with internal users and external clients or vendors.
- Maintain security infrastructure, providing stability by following policies, processes and procedures available
- Provide a secure environment, managing and mitigating risks
- Provide reporting and metrics
- Resolve incidents impacting hosts or environment
- Taking problem ownership, Investigate & Troubleshoot root causes when escalated
- Create, review, maintain and update documentation including documenting & publishing fixes in central knowledge base
- Work with global colleagues to provide globally consistent processes and procedures
- Escalate and liaise with internal/external groups when required, resulting in satisfactory resolution
- Active participation within and amongst teams and colleagues, providing constructive feedback when necessary
- Regularly re-evaluate processes and procedures and instigate service improvement initiatives
- Identify areas for automation and scripting wherever possible
- Maximize the use of existing resources, skills and technologies for the greatest benefit
- Responsibility for the planning and controlled execution of releases into the managed environment
- Input into Business Continuity Planning and Practices Qualifications:
- Proven experience in system administration or security engineering.
- Strong Windows Server 2012/16 and RHEL experience (up to and including debugging)
- LDAP/AD Directory Services knowledge required
- Basic networking skills - Firewalls, routing, NAT, SI Model, packet trace and analysis, SMTP, http, etc
- Scripting and Development skills on at least two of the following languages - Perl/Python/Shell/SQL/PowerShell
And at least one of the following (in order of importance):
Network (Monitor & Prevent) DLP for Email
Network Prevent for Web DLP
Network Discover DLP
Microsoft Cloud Application Security
- Active interest in the area of IT security
- Manage project within Agile principles
- Interpersonal Skills ? Communicative, flexible, self-driven and collaborative team player
- Excellent written and oral English communication skills: capable of writing documentation, making presentations to an internal audience, and interacting positively with upper management, colleagues and customers.
- A self-starter that recognize the importance and value of working as a member of an agile squad.
- Web Proxies and Mail Transfer Agent knowledge
- SQL/Oracle Knowledge
- Monitoring Tools knowledge
- Basic understanding of Software deployment tools
- Hardware Vendor software & toolsets (HP/Dell/IBM)
- CISSP or similar certification would be advantage.