Mar 6, 2018
Non-Japan Asia-Singapore-Singapore-Singapore (Asia Pac)
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm’s 55,000 employees, located in 1,200 offices across 43 countries.
Division & Department Profile
The mission of the global Enterprise Technology & Risk (ETR) division is to provide a highly reliable and commercial technology platform, which supports the Firm’s strategy, delivered by an innovative, world-class team of professionals. Technology & Information Risk (TIR) is part of the ETR organization and manages operational and technology related risks on behalf of the Firm. TIR's mandate is to enable the Firm to manage its technology and data related risks through implementing proactive, comprehensive and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The TIR team partners with the business by ensuring that Technology and Data understands how to manage escalate and monitor risk. The mission of the Cybersecurity organization within TIR is to identify and protect Firm assets through proactively assessing threats and vulnerabilities and detecting events, and ensuring resiliency through agile response and recovery.
With Cybersecurity, Morgan Stanley’s state-of-the-art Fusion Center (Fusion) is charged with understanding, detecting, and responding to cyber events, vulnerabilities and incidents that threaten the Firm’s clients, assets, and reputation. Partnering with key stakeholders across Enterprise Technology & Risk and the Business Units, Fusion manages cyber events from detection through response to resolution, and serves as the Firm’s focal point for cyber communications and reporting. Fusing together information received externally from our partners and internally from our detection and analytics teams to enable rapid decision-making, Fusion is the cornerstone of the Firm’s agile and adaptive cyber defense strategy - enabling the Firm to rapidly align our defensive capabilities to adapt to changing adversary threats.
Fusion’s Cyber Event Management (CEM) team is responsible for orchestrating a rapid Firm-wide response to any cyber threat, vulnerability, or incident that introduces risk to the Firm, taking into consideration the nature and criticality of the cyber event; the Firm’s assessed or potential exposure; the Firm’s control posture; and the level of actual or potential business impact.
The global Fusion Center is a 24/7 operation with members in key geographic locations; this requires the role to cover shifts during weekday core hours, plus occasional evening and weekend on call for Cyber Event Management as required.
Reporting in to the Singapore CEM, the Cyber Event Manager (CEM) VP in Singapore will be a critical part of our 24/7 global Fusion enterprise. A successful Cyber Event Manager must have an appropriate mix of cybersecurity knowledge, communication skills, interpersonal skills, and operational experience. Fusion Singapore is a new node in the Fusion enterprise and will be stood up and operationalized in 2018; a successful candidate should ideally have a solid foundation of Morgan Stanley technology and business experience to ensure that the Singapore Center integrates effectively within the larger Fusion construct as well as within the Firm.
- Assist in the development and implementation of Fusion Asia in Singapore, working with Fusion leadership and program and business management to operationalize the Center including establishing comprehensive ‘follow the sun’ workflow processes
- Orchestrate cyber event management from detection to resolution to recovery for cyber threats, vulnerabilities, or incidents that threaten the Firm’s clients, assets, or reputation
- Develop, maintain, and continually refine Fusion standard operating procedures for escalation, communication, and response
- Conduct cyber incident scenario preparation including scenario development with stakeholder teams, Cyber playbook development and documentation, incident simulations and exercises, as well as post-incident reviews
- Develop, exercise and continually refine Cyber playbooks for a range of potential threat scenarios
- Maintain knowledge of current and emerging cyber threats to the Firm
- Work as part of the global CEM community to develop and tune Morgan Stanley Fusion event response operations
Skills Required (essential):
- 5+ years of professional experience within security roles, preferably within financial services, law enforcement, the military, and/or the intelligence community.
- Excellent writing, presentation, and communication skills (for event management and pre/post event response development).
- Strong interpersonal skills.
- Experience in cyber security investigations and understanding of cyber threat landscape.
- Knowledge of information security threat type and their composition.
- Knowledge and experience of computer security incident investigations and response processes.
- Ability to distil technical and complex information into easy to understand business terms for management.
- Experience designing and orchestrating cyber event exercises.
- Experience of Major Incident Management.
- International experience or experience working for a global organization.
- Willingness to learn about the technology and cyber threat environment.
- Experience in 24/7 operational environment.
- Certified Information Systems Security Professional (CISSP).
- Certified Information Security Manager (CISM).