Associate - Data & Technology Governance and Project Management
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
The talent and passion of our people is critical to our continued success as a firm. Together, we share five core values rooted in integrity, excellence and strong team ethic:
1. Putting Clients First
2. Doing the Right Thing
3. Leading with Exceptional Ideas
4. Giving Back
5. Committing to Diversity and Inclusion
Morgan Stanley is committed to helping its employees build meaningful careers and we strive to be a place for people to learn, achieve and grow. Firm Risk Management
Firm Risk Management (FRM) enables Morgan Stanley to achieve its business goals by partnering with business units across the Firm to realize efficient risk-adjusted returns, acting as a strategic advisor to the Board and protecting the Firm from exposure to losses as a result of credit, market, liquidity, operational, model and other risks.
Our mission is to serve as the follow roles:
• Independent agent to set consistent principles and disciplines for risk management
• Strategic advisor to Firm management for setting risk appetite and allocating capital
• Industry leader to influence and meet regulatory standards
You will collaborate with colleagues across FRM and the Firm to protect the Firm's capital base and franchise, advise businesses and clients on risk mitigating strategies, develop tools and methodologies to analyze and monitor risk, contribute to key regulatory initiatives and report on risk exposures and metrics to enable informed and strategic decision-making. Through thoughtful analysis and clear communication we are best able to bring our ideas to the table and improve the Firm.
Firm Risk Management values diversity and is committed to providing a supportive and inclusive workplace for all employees.
Firm Risk Management's unique franchise promotes:
• Flat, flexible and integrated global organization
• Collaboration and teamwork
• Credible, independent decision-making
• Organizational influence
• Creative and practical solutions
• Meritocratic and diverse culture
The Operational Risk Department (ORD) is searching for an experienced program manager at the Associate level to support the formation and operation of the cross-divisional Sensitive Data Security Governance Committee (SDSGC), a sub-committee of the Firm?s Operational Risk Oversight Committee. SDSGC is principally focused on the oversight of the security and protection of Sensitive Data throughout it?s lifecycle without significantly impacting business operations. The SDSGC achieves this objective by providing oversight of the Firm?s Sensitive Data Protection Programs, focused on ensuring Sensitive Data is protected during data creation, collection, storage, use, transmission and disposal. In carrying out this responsibility, the SDSGC provides strategic direction and monitors progress and completion of Sensitive Data Protection objectives, including formal assessments and monitoring. The selected candidate will also support the delivery of management information and status reporting to Morgan Stanley governance forums, as appropriate. Core Responsibilities
• Support the formation and operation of the Sensitive Data Security Governance Committee (SDSGC) including:
o Maintaining SDSGC procedures, charter, committee membership, meeting frequency and agenda
o Manage SDSGC presen tations including materials coordination with stakeholders and ensuring proper preparation, vetting, and management review
o Manage SDSGC meetings arranging the preparation of minutes (key discussion topics, decision and action items), and tracking status of action items following the SDSGC meeting
o Own the end-to-end process on behalf of senior ORD management
• Support prioritized workstreams and projects emanating from SDSGC; monitor progress against established milestones.
• Support formation and operation of subordinate SDSGC working group(s)
• Support senior level governance reporting within SDSGC and to onwards governance forums
• Support associated internal management and regulatory reporting requirements
• Support the Sensitive Data Security Governance (SDSG) Program including policy interpretation, guidance, point of escalation, project plan initiation and support and general SDSG subject matter expertise.
o Tracking and escalation of internal and regulatory commitments
o Identify, vet and address potential risks or escalated issues with the assistance of functional partners and key stakeholders.
o Review key SDSG metrics to identify patterns of activity, outliers and opportunities for the SDSG process enhancements.
• Maintain sufficient understanding of the Firm's Global Data Policy and Strategy to recognize opportunities and leverage aspects in the SDGC Framework.
• Enhance/build solid relationships with stakeholders across the Firm in order to ensure the effective functioning of the Data Security Governance Program.
• Hold all stakeholders accountable for meeting agreed upon action items. Qualifications: Skills Required
• 5-7 years experience as a program manager; knowledge of operational risk management
• Demonstrated ability to understand and translate data security/privacy compliance requirements and business needs into enterprise-wide data security/privacy standards and policy
• Working knowledge of information security/privacy standards and best practices (e.g., NIST, SANS) as well as regulations related to information security and data confidentiality (e.g. NYS SHIELD Act, FERPA, HIPPAA, PCI, GDRP, etc.)
• Exceptional verbal and written communications skills. This includes but not limited to: ability to communicate effectively with people at varying levels of technical fluency and various levels of management
• Prior experience in financial services or consulting
• Prior experience in role that require operating via influence, without direct reporting line authority
• Prior experience in roles that require managing a complex process with multiple senior stakeholders
• Strong communication, leadership and project management skills
• Advanced knowledge of Microsoft Excel, PowerPoint, resource management, effort/time estimation for projects
• Excellent presentation skills - both verbal presentation and creating written presentations
• Ability to create tiered reporting of project status for various levels of management
• Strong organizational skills with the ability to multitask and prioritize
• Experience in management by influence, facilitating and gaining consensus
• Proven ability to anticipate and identify risks and effective mitigants
• Proficient in developing Microsoft SharePoint and Jive Sites