Senior Incident Responder - CERT
Location: New York, New York
Posted: February 23, 2017
Reference: 3080208
Company Profile
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Technology
Technology works as a strategic partner with Morgan Stanley business units and the world's leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley's sizeable investment in technology results in quantitative trading systems, cutting-edge modelling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients' businesses - and to our own.

Technology Information Risk (TIR)
TIR's mandate is to enable the Firm to manage its technology and data related risks through implementing proactive, comprehensive, and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The TIR team partners with the business by ensuring that Technology understands how to manage, escalate and monitor risk.

Position Description
Morgan Stanley is seeking to add a hands-on senior member to its Computer Emergency Response Team (CERT). The role is within its computer security incident response (CSIRT) function, performing incident response, campaign assessments, intelligence collection, and network and host-based forensics. The role is responsible for the highest level of incident analysis, in-depth threat research, and leading and executing response and remediation plans.

The individual will lead investigations around potential intrusions, research cyber-attacks, malware, and threat actors to determine potential impact and provide remediation guidance.

- Investigate cyber security incidents and threats
- Interact with senior stakeholders and leadership teams as part of the response efforts
- Improve the detection, escalation, containment and resolution of incidents
- Enhance existing incident response methods, tools, and processes
- Collect, assess and catalogue threat indicators
- Maintain knowledge of the threat landscape by monitoring OSINT and related sources
- Tear apart a piece of malware to understand attack vector and likely purpose
- Assist during non-core business hours during an emergency, critical or large-scale incident

This position requires a detail-oriented, critical thinker who can anticipate issues and solve problems. Experience in an operational environment such as a SOC or CERT is required. Demonstrable experience leading incidents and the ability to showcase community contributions via mailing lists and ISACs is recommended.

Qualifications
Required Skills
- Strong experience with security products and technologies, especially related to event and incident handling (e.g., SIEM, HIDS/NIDS, AV, signature and behavioral-based systems).
- Excellent writing and presentation skills are required in order to communicate findings and recommendations and provide status on ongoing investigations
- Detailed technical understanding of security incidents and alerts
- Experience in malware analysis (static/behavioral), penetration testing and forensics
- Reverse engineering and malware analysis
- Deep familiarity with operating system and network concepts
- Ability to execute against high-level objectives
- Industry certifications: GCIH, GREM or other related SANS certifications
- Previous Team Lead Experience

Skills Desired
- Response workflow development and automation
- Splunk familiarity/experience is a plus.

A little about us:
Since its founding in 1935, Morgan Stanley and its people have helped redefine the meaning of financial services.
