ET Security Engineer

Were seeking someone to join our team as a Security Engineer.

In the Technology division we leverage innovation to build the connections and capabilities that power our Firm enabling our clients and colleagues to redefine markets and shape the future of our communities.

The mission of Cyber Data Resilience and Risk (CDRR) is to deliver first-line defenses to manage risks to Firm technology information and cyber threats through risk identification control management and assurance. This allows the business to operate and grow in a secure and legally compliant vision is to deliver Programs that protect and enable the business ensure secure delivery of services to our clients adjust to address the risks presented by an evolving threat landscape meet regulatory expectations and offer highly attractive career opportunities. This is a senior leadership role within Global Identity and Access Management (IAM) - Privileged Access Management (PAM) domain which is part of Morgan Stanleys Cyber Data Risk & Resilience (CDRR) organization. This tole will be responsible for driving execution operational maturity and delivery excellence for assigned PAM capabilities and services across the enterprise. Reporting to the Head of PAM this role translates PAM strategy and priorities into scalable solutions that reduce privileged access risk across infrastructure applications cloud and DevOps environments.

Since 1935 Morgan Stanley is known as a global leader in financial services always evolving and innovating to better serve our clients and our communities in more than 40 countries around the world.

What you will do in the role:

PAM Delivery & Execution:

• Engineer and Execute initiatives aligned to the PAM roadmap

• Lead delivery of assigned PAM capabilities such as:

• Privileged account onboarding and lifecycle managemento

• Secrets management and credential vaultingo

• Privileged session management and monitoringo

• Just in Time (JIT) Just Enough Access (JEA) and Zero Standing Access (ZSP) access modelso

• Cloud DevOps and machine identity privileged access

• Ensure delivery milestones timelines and risk issues are clearly tracked and reported.

Platform & Service Ownership:

• Own operational health performance and availability of PAM platforms and services in scope.

• Drive automation standardization and repeatability of PAM onboarding and access processes.

• Partner with IAM cloud infrastructure and DevOps teams to embed PAM controls into platforms by default.

Risk & Control Effectiveness:

• Continuously evaluate and evolve PAM policy and governance framework to align with industry standards and global regulatory requirements.

• Ensure PAM controls are implemented consistently across in scope systems.

• Support audit risk and compliance activities by providing evidence and remediation plans.

• Track and report KPIs and KRIs related to privileged access coverage stability and risk reduction.

People & Operational Leadership:

• Lead and mentor a global team with supporting continuous development and performance.

• Establish operational procedures SLAs and escalation paths.

• Identify resourcing needs and skill gaps and partner with leadership on staffing plans.

Stakeholder Engagement:

• Serve as a primary PAM delivery contact for application owners infrastructure teams and technology partners.

• Resolve conflicts between security controls and delivery timelines using risk based decision making.

• Communicate progress risks and dependencies clearly to PAM and Identity Security leadership.

What you will bring to the role:

• Over 15 years of progressive experience in cybersecurity identity and access management and enterprise technology.

• Deep expertise in the DevSecOps framework with a strong focus on value delivery and sustainable practices across diverse technology landscapes.

• Exceptional leadership and communication skills consistently influencing and inspiring teams to achieve ambitious security objectives.

• Extensive hands-on leadership with enterprise-scale cybersecurity platforms and technologies.

• Proven track record applying threat modeling methodologies to privileged access identity and infrastructure scenarios.

• Comprehensive understanding of privileged access risk industry standards and frameworks and the implementation of effective controls.

• Significant experience supporting hybrid multi-cloud (AWS Azure GCP) and DevOps environments.

• Demonstrated ability to lead and develop high-performing technical teams and managers.

• Consistent success delivering large-scale complex security initiatives and projects.

• Skilled in collaborating with infrastructure application and cloud teams to achieve organizational security goals.

• Experienced in operating within regulated and audit-driven environments.

• Security certifications (e.g. CISSP CISM) or equivalent credentials will be a plus.

#LI-RG1

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

At Morgan Stanley we raise manage and allocate capital for our clients helping them reach their goals. We do it in a way thats differentiated and weve done that for 90 years. Our values - putting clients first doing the right thing leading with exceptional ideas committing to diversity and inclusion and giving back - arent just beliefs they guide the decisions we make every day to do whats best for our clients communities and more than 80000 employees in 1200 offices across 42 countries. At Morgan Stanley youll find an opportunity to work alongside the best and the brightest in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey offering some of the most attractive and comprehensive employee benefits and perks in the industry. Theres also ample opportunity to move about the business for those who show passion and grit in their work.

To learn more about our offices across the globe please copy and paste into your browser.

Certified Persons Regulatory Requirements:
If this role is deemed a Certified role and may require the role holder to hold mandatory regulatory qualifications or the minimum qualifications to meet internal company benchmarks.

Flexible work statement
Interested in flexible working opportunities Morgan Stanley empowers employees to have greater freedom of choice through flexible working arrangements. Speak to our recruitment team to find out more.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds talents perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting developing and advancing individuals based on their skills and talents.