Technology Risk Manager - Vice President
Company: Morgan Stanley
Location: New York, New York
Posted: December 20, 2017
Reference ID: 3102280
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
Technology works as a strategic partner with Morgan Stanley business units and the world's leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley's sizeable investment in technology results in quantitative trading systems, cutting-edge modeling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients' businesses-and to our own.
MS Wealth Management (MSWM) Technology
Morgan Stanley Wealth Management (MSWM) Technology is the global technology department responsible for the design, development, delivery and support of the technical solutions behind the products and services used by the Morgan Stanley Wealth Management (MSWM) business. The department is comprised of 10 organizations: Sales, Banking & Corporate-Client Technology, Investment Products & Markets Technology, Client Reporting, Core Processing, Private and International Wealth Management Technology, Technology Integration Office, Enterprise Infrastructure & Production Management, Capital Markets Application & Data Services, Deployment Planning & Release Management, and the Chief Operating Office. Morgan Stanley Wealth Management (MSWM) Technology works with large scale databases such as DB2 and SQL Server, proprietary and non-proprietary messaging software, a broad variety of vendor products, numerous financial exchanges and regulatory entities, and programming languages ranging from .Net and Java to Cobol and VB.Net.
Technology Risk Manager, focusing on support for Morgan Stanley's two U.S. Banks: Morgan Stanley Bank, N.A. (MSBNA) and Morgan Stanley Private Bank, National Association (MSPBNA). These banks are independent national banks and wholly-owned subsidiaries of Morgan Stanley. Because of their national bank charters and ability to attract stable insured deposits, the Banks represent valuable franchise-enhancing strategic assets to the Firm.
The U.S. Banks Technology team is responsible for supporting Bank business and growth by managing the provision of technology within a regulatory-compliant, risk-managed framework in a cost effective manner. The team is seeking an experienced Technology Risk Manager to provide ongoing monitoring of the Banks' technology risk landscape including the identification, tracking, reporting, and oversight of risks and remediation activities, as well as participation in the evolution and execution of the Bank technology risk program.
• Developing an understanding of the Banks' business models and familiarity with technology services provided by the affiliate technology organization, as well as familiarity with active technology programs and their impact to each Bank.
• Developing a process to manage the banks' application inventories to ensure the inclusion of relevant applications and allow for accurate risk reporting.
• Identifying weaknesses in the technology control environment, and recommending improvements in processes and procedures, effectiveness and efficiency of control mechanisms and methods of risk reduction to satisfy a variety of regulatory standards and requirements.
• Participating in the annual Technology Risk and Control Self-Assessment control effectiveness and inherent/residual risk rating activities.
• Providing technology risk reporting as needed for governance forums, including: monthly Risk Working Group and Technology and Security Risk Management Committees, and quarterly Technology Steering Committees
• Tracking Bank-impacting technology risks and influencing the prioritization of remediation activities.
• Enhancing risk landscape report by proposing, gathering and reviewing technology risk metrics in order to assess risk and their relative impact to the Bank.
• Participating in technology and information security governance forums to represent Bank interests.
• Assessing the impact of technology risks to the Bank and making recommendations on decisions related to risk acceptances.
• Participating in preparing responses to technology-related regulatory requests. *LI-DC1
• Bachelor's degree in Information Technology, Business, Economics, or Finance
• Five plus years of experience in a similar role in financial or banking services
• Thorough knowledge of Federal Financial Institutions Examinations Council (FFIEC) technology requirements and technology processes including technology governance, information security, business continuity planning, systems development, project management, and supplier management
• Sound understanding of risk assessment methodologies, internal controls and industry technology risk management frameworks such as NIST, ITIL, CobiT, and ISO 27001
• High level of attention to detail and focus on precision
• Highly refined oral and written communication skills with ability to articulate clearly to technical and non-technical audiences including senior management, and to communicate difficult messages in a professional and productive manner
• Excellent interpersonal and leadership skills with the ability to navigate complex organizations, quickly build credibility, influence, negotiate, build consensus, and make recommendations to all levels
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
• Advanced Excel skills, including data import, pivot tables, lookups and data analysis
• Excellent analytical skills, and ability to learn to navigate systems, access data, reconcile numbers from different sources, identify discrepancies and understand drivers of change within data.
• Familiarity with banking principles including capital adequacy, stress testing and liquidity risk
• Familiarity with banking products including securitized loans, mortgages, securities based lending, and high net worth lending
• CRISC, CISA, CISM, or CISSP accreditation preferred. ISACA membership a plus
• Working knowledge of the FFIEC IT Handbook and OCC Heightened Standards