Director, Technology Risk Oversight
Job Number : 3254533
3254533
Posting Date
Jul 24, 2024
Primary Location
Americas-United States of America-Maryland-Baltimore
Other Locations
Americas-United States of America-Georgia-AlpharettaEducation Level : Bachelor's Degree
OtherEmployment Type : Full TimeJob Level : Director
Description
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services.
The Firm's employees serve clients worldwide including corporations, governments, and individuals from more than 1,200 offices in 43 countries.
Legal and Compliance Division Overview
The professionals in the Legal and Compliance Division LCD provide a wide range of services to our business units. LCD is made up of the Legal, Regulatory Relations, and Non-Financial Risk (NFR) departments which preserve the firm's invaluable reputation for integrity and protect the firm from sanctions with policies and procedures that are designed to meet regulatory requirements around the world.
We also strive to maintain cooperative relationships with governmental policy makers and the regulatory and self-regulatory agencies that govern the firm's businesses.
The role will reside within the Operational Risk Department (ORD) in the Non-Financial Risk organization focusing on Technology Risk.
Operational Risk refers to the risk of financial or other loss, or potential damage to a firm's reputation, resulting from inadequate or failed internal processes, people, systems, or from external events (e.
g., fraud, legal and compliance risks or damage to physical assets). Management works with the business units and control groups to help ensure Morgan Stanley has a transparent, consistent, and comprehensive program for managing operational risk, both within each area and across the firm globally.
This group designs, implements and monitors the company-wide operational risk program.
Technology Risk Oversight is the practice of identifying, assessing, and remediating risks related to the confidentiality, integrity, and availability of the Firm's systems and information, including associated processes and controls.
The successful candidate will be responsible for helping execute independent oversight, analysis, and monitoring of risks and controls.
Primary Responsibilities
- Identify and evaluate technology risks related to the systems and processes supporting the Firm.
- Assess whether technology controls are designed and implemented effectively so as to verify that risks are mitigated to targeted levels.
- Provide subject-matter expertise in technology to support overall risk management across the Firm, working closely with technology personnel across the Firm.
- Build and maintain strong positive relationships with the broader risk community and the technology engineering, operational and development teams.
- Review completeness and execution of relevant procedures and assess assurance mechanisms for how effectively they identify weaknesses or failures of key controls.
- Work with risk and control owners in assessing inherent and residual levels risks based on structured risk framework.
- Maintain and or oversee relevant policies and procedures related to technology, cyber and information security processes.
- Review metrics and escalation reports to monitor risk and control-related developments, issues and trends.
- Review technology risk issues as well as internal and external incidents in order to help inform an independent view of the overall technology risk posture of the Firm and its underlying legal entities.
- Provide monthly and quarterly risk reporting.
- Provide guidance on the evolving technology, cyber and information security risk landscape.
- Coordinate with colleagues who cover business units and infrastructure groups in discussing impact of technology risks on business and support
Qualifications