Technology Risk Specialist

  • Competitive
  • Glasgow, Scotland, United Kingdom Glasgow Scotland GB
  • Permanent, Full time
  • Morgan Stanley
  • 22 Jun 18 2018-06-22

See job description for details

Company Profile:
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Department Profile:
The mission of the Global Technology Department is to provide a highly reliable and commercial technology platform, which supports the Firm’s strategy, delivered by an innovative, world-class team of professionals.

Technology & Information Risk (TIR) is part of the Global Technology organization. Its mission is to enable proactive, comprehensive, and consistent technology and information-related risk management practices across the Firm and to protect Firm information, systems, and associated infrastructure from Cyber Threats.

Primary Responsibilities:
The Technology and Information Risk, Risk Specialist will be part of the Technology Risk Management Governance Team (TRMG), interfacing with Senior Risk Officers/ Risk Officers, subject matter experts, business representatives, and the Operational Risk Department.

The team is primarily responsible for the Firm’s Technology Risk Management Framework, providing support, best practice guidance and governance over the Framework. Additionally the team perform Risk Landscape reporting of Technology risk and control gaps, perform Quality Assurance Reviews, and manage the end-to-end Operational Risk Incident process on behalf of Technology divisions.

The applicant should be a self-starter, with proven risk and control knowledge and experience, as well has having excellent communication and the ability to liaise and interact with individuals at all levels of the organization, including Senior Risk Officers/ Risk Officers.

Key responsibilities of the role include:
- E nd-to-end management (identification, capture and quality assurance and reporting) of all Technology Operational Risk Incidents
- As one of the Technology Risk Management Subject Matter Experts (SMEs), provide support, guidance on all aspects of the Technology Risk Management Framework
- Operate a monthly Quality Assurance program across Technology Risks and Issues, working in partnership with first and second line Risk Management stakeholders to drive compliance with the Technology / Firmwide Policy
- Production and support of Risk Landscape Reporting, providing management with a holistic view of risk and control gaps across the Technology environment to enable informed risk response decisions.
- Engagement in multiple programs to drive consistency of Risk Management practice across the Firm


Required Skills
- Experience in Risk Management practices and/or technology risk and control assessments or programs
- Knowledge of General Computing Controls and Risk Management Best Practice
- Strong aptitude for IT and understanding of technology concepts and terminology
- Strong data analysis skills with expert knowledge of MS Excel (pivot tables, advanced formulae etc.)
- Proven written and verbal communication skills - to the level of being able to interact directly with department senior management
- Ability to think strategically, see the ‘bigger picture’ and have excellent critical thinking and problem solving skills
- Organizational skills as reflected through a methodical/organised approach to ensure timelines are met and the ability to manage multiple tasks simultaneously
- Proactive self-starter who can identify opportunities for improvement and operate autonomously

Desired Skills
- Working knowledge of Technology applications and infrastructure (e.g. Server, network, platform desktop environment) and how they are used in large organisations
- Experience of working in an Investment Banking environment
- Project Management experience delivering tools/data management solutions
- Industry recognised certifications such as CISSP, CISA, CRISC, PRINCE2