Assistant Vice President, Corporate Equity Solutions - Business Risk & Controls Manager and Information Security
New York , New York
October 23, 2017
Morgan Stanley's Wealth Management (WM) provides a range of wealth management products and services for individuals, businesses and institutions. These services include brokerage and investment advisory, financial and wealth planning, credit and lending, cash management, annuities and insurance, retirement, trust and estate planning, stock plan administration and institutional consulting.

The Corporate Equity Solutions (CES) organization includes Global Stock Plan Services (GSPS), Executive Financial Services (EFS), and Directed Share Program (DSP).
• GSPS provides full or partial record-keeping services to their corporate clients' equity-based employee benefit plans and their plan participants.
• EFS is responsible for reviewing and approving the purchase, sale, and margin of restricted and control securities under Rule 144 of the Securities Act of 1933, the Securities Exchange Act of 1934, and state regulations. EFS also establishes, executes, and monitors 10b5-1 trading plans for clients, which enable corporate executives to diversify their concentrated positions and provides an affirmative defense against allegations of insider trading.
• DSP business administers DSPs for Morgan Stanley's institutional clients during an initial public offering.

Position Summary:

The CES Business Risk & Controls Manager will be responsible for supporting Business Operational Risk and Control efforts across the business, with a strong focus on Information Security, Entitlements, and Business Continuity. Primary responsibilities include:

Information Security/Business Unit Information Security Officer:
- Perform entitlements reviews such as semi-annual monitoring, enterprise role review, segregation of duties review, and internal transfer reviews. Coordination with business stakeholders required.
- Analyze and report data security incidents and breaches in accordance with Firm standards and procedures.
- Conduct annual refresh and approval of Business Continuity Plan (BCP). Includes coordination of annual remote BCP/application and rapid notification system testing.
- Coordinate with the business vendor relationship owners and WM Business Unit Risk Officer to complete required vendor reviews (i.e. security architecture, BCM, information security), including tracking and completion of any subsequent findings/follow-ups.
- Work closely with the WM Infrastructure Risk on program requirements and new initiatives.
- Serve as the CES information security representative and act as the liaison between WM Risk and the business.
Additional responsibilities may include:
Policy and Procedure Management:
- Partner with the CES business areas to ensure field-facing policies and procedures are created and reflective of current business processes.
- Validate that all policies and procedures meet Firm standards and are centrally maintained.

- Support the CES Business Risk and Controls RCSA lead in the annual RCSA process. Includes coordination across the various business stakeholder and related support functions.

Audit and Compliance Management and related Remediation:
- Serve as a liaison between the business, Audit and Compliance, including the management of documentation requests during Audit and Compliance reviews and closure verification.
- Monitor and track remediation of issues and actions risk issues in conjunction with the business. Validate that implemented controls are designed to mitigate the risk and that the required documentation has been uploaded into OpenPages.

Supervisory Oversight of Procedures/Controls Testing:
- Provide independent oversight of select key controls performed by the business.
- Support control enhancement and/or remediation efforts.
- Test key business controls through a structured approach and communicate results with management and key stakeholders.
- Detect control gaps and identify solutions and enhanced controls.

Knowledge and Skills Required:
• 5 years of industry work experience in a compliance, risk or audit related area preferred
• Series 7 and 24 preferred
• Experience with risk disciplines, processes, and controls
• Strong written, verbal and interpersonal skills to interact effectively with business partners
• Detail-oriented with the ability to leverage available resources to work efficiently
• Self-starter capable of solving problems and managing projects from start to finish. Must be highly motivated with a strong work ethic and a will to succeed
• Needs to be collaborative and able to build effective working relationships. Ability to work in a team environment and partner with multiple individuals across various groups
• Proficiency in Microsoft Word, Excel and PowerPoint

A little about us:
Since its founding in 1935, Morgan Stanley and its people have helped redefine the meaning of financial services.

Know someone who would be interested in this job? Share it with your network.