Security Analyst

Morgan Stanley are looking for a Security Analyst at AVP/Director level to join the Security Response team.

Department Profile

The mission of the Cyber Data Risk and Resilience division is to ensure the Firm manages its global businesses and serves clients on a market-leading technology platform that is resilient, safe, efficient, smart, fast, and flexible. The Security Response Team (SRT) is part of the Cyber Data Risk and Resilience division and manages the incident response capability to support day-to-day cross-enterprise event investigations and strategic input into security controls and countermeasures to proactively create better security for the Firm. The group’s vision is to deliver programs that protect and enable the business, ensure secure delivery of services to clients, adjust to address the risks presented by an evolving threat landscape, and meet regulatory expectations.

Team Profile

Morgan Stanley is seeking a Security Analyst (SA) to join the Firm's Cyber Incident Response Team (CIRT). The global CIRT is a 24/7 operation with members in key geographical locations performing incident response and remediation, campaign assessments, network and host-based forensics. SAs work core hours in their region with an on-call rotation for critical incidents.

Primary Responsibilities

• Investigate cyber security incidents and threats.
• Interact with stakeholders and leadership teams as part of the response and remediation efforts.
• Improve the detection, escalation, containment, and resolution of incidents.
• Enhance existing incident response methods, tools, and processes.
• Maintain knowledge of technologies and the threat landscape.
• During non-core business hours support emergency, critical, or large-scale incidents as required.

Qualifications

Candidates should have a genuine interest in cyber security and a good understanding of the tactics, techniques, and procedures of attackers. This role requires a detail oriented critical thinker who can anticipate issues and solve problems. Candidates should be able to analyze large datasets to detect underlying patterns and drive to a root cause analysis.

Required Skills

• 3+ years experiences (or equivalent) with Security Analysis and Incident Response (i.e., working in SOC/CIRT/CSIRT/CERT).
• Subject matter expert in two or more areas such as Windows, Unix, firewalls, intrusion detection, network- and host-based forensics.
• Understand the end-to-end workflow of a threat across multiple technologies.
• Think like an adversary.
• Ability to reduce large datasets to identify threats to the Firm.
• Sound understanding of TCP/IP and networking concepts, security alerts, and incidents.
• Excellent writing and presentation skills are required to communicate findings, recommendations, and status of investigations.
• Experience with investigating common types of attacks, network packet analysis, log analysis, and reviewing security events.
• Ability to build mitigations to defend against network-based threats.
• Knowledge of Windows processes and Active Directory.
• Able to work extended working hours during incidents.
• Experience with developing analytic and response workflow for security event.

Desired skills

• Scripting (Python, BASH, Perl, or PowerShell), coding, or other development experience.
• In-depth knowledge of security event management, network security monitoring, log collection, and correlation.
• Splunk usage or administration experience.
• Reverse engineering malware to understand attack vector and purpose.
• Security Orchestration and Automated Response (SOAR) experience.
• Industry certifications: GCIH, GNFA, GREM, or other related certifications.
• Financial industry experience.
• Foundational Cloud Security knowledge.
• OWASP Top 10 Knowledge.
• Security product assessments.

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what’s best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work.

Certified Persons Regulatory Requirements:

If this role is deemed a Certified role and may require the role holder to hold mandatory regulatory qualifications or the minimum qualifications to meet internal company benchmarks.

Flexible work statement

Interested in flexible working opportunities? Morgan Stanley empowers employees to have greater freedom of choice through flexible working arrangements. Speak to our recruitment team to find out more.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.