We're seeking someone to join our Cyber Platform team as a Director in Threat Hunt and Cyber Detection as a SIEM/SOAR content developer.
Primary Responsibilities
Cyber Response Platforms is looking for an experienced (5 years) cyber-security professional to join their team as a SIEM/SOAR content developer. Our ideal candidate has hands-on experience in computer network defence, working either in or for a Security Operations Center or Cyber Incident Response Team.
You will join a team of technologists and cyber-security professionals that are dedicated to improving the coverage, quality and automation of cyber-security detection and response.
Develop playbooks and automation in SOAR with analysts to improve efficiency of the SOC.
Develop analytics in Splunk (SPL) or Elasticsearch (EQL) to detect actionable security alerts.
Design and develop integrations to connect to internal and external services.
Work alongside incident response analysts to automate the response to security incidents and improve security response coverage.
Perform analysis of security posture including recommending improvements to controls and processes.
Automate auxiliary team processes with SOAR playbooks.
Monitor and support SIEM and SOAR platforms to ensure security and stability of SOC infrastructure.
Skills required (essential)
Minimum of 3 years of experience in cyber detection engineering or incident response
Minimum of 1 year of experience developing automations in SOAR
Experience in the creation and management of detection logic in SIEMs (e.g. Splunk, ArcSight, Microsoft Sentinel)
Intermediate experience developing scripts in Python
Strong knowledge of exploitation techniques (e.g. MITRE ATT&CK) and use-case development
Thorough TCP/IP and protocol experience (OSI L2-L7, DNS, HTTP, REST, SOAP)
Strong communication, task management and organizational skills
Highly experienced with Unix/Linux command-line tools and shell scripting
Skills desired
Experience within the application of Indicators of Compromise (e.g. YARA rules, STIX and TAXII)
Strong hands-on experience with a query language (e.g. Splunk's SPL or Elastic's EQL, SQL)
Experience with streaming data frameworks (e.g. Kafka, NiFi, Spark)
Experience with CI/CD technology (e.g. Jenkins, GitLab CI, GitHub Actions)
Experience in the administration of systems (e.g. servers, desktops) or security controls (AV, Endpoint, IDS)
WHAT YOU CAN EXPECT FROM MORGAN STANLEY:
We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren't just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you'll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There's also ample opportunity to move about the business for those who show passion and grit in their work.
To learn more about our offices across the globe please copy and paste into your browser.
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.