Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career, a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
The Bank Compliance & Operational Risk Department is charged with oversight and coordination of the Compliance & Operational Risk programs for the U.S. Banks (Morgan Stanley Bank, N.A. and Morgan Stanley Private Bank, National Association). The candidate will join the department as a member of the Bank Testing team and will perform Bank Operational Risk Control reviews and controls testing for both U.S. Banks. Keys objectives include the identification of Operational Risk Control design deficiencies and the performance of testing to determine if Operational Risk controls performance deficiencies exist.
This role will require in office attendance 3 days/week.
Primary Responsibilities:
Review and understand RCSA Process, Risk, & Controls in order to perform Bank Operational Risk Testing in various Bank functions including, but not limited to, the following: Cyber, Information Security and Privacy, Business Disruption and Continuity, Errors in Valuations Models, Third Party Supplier Risk, Non-Cyber Theft and Fraud, Transaction Errors, Conduct and Business Standards and Sales Practices
Perform detailed documented assessments of processes and internal controls documentation reviews (policies and procedures) to determine if design deficiencies exist
Perform detailed testing of Operational Risk Controls to determine if controls are functioning as intended
Clearly identify and communicate written testing results to business and interested stakeholders, retain evidence in line with the retention policies and update supporting RCSA systems
Document testing results using the workpaper documentation system
Assist in the identification and remediation of Bank Operational Risk related issues found during testing
Track and monitor issue remediation and timely escalate emerging issues to senior management
Prepare well written reports
Complete reviews according to schedule
Perform additional tasks as required
At least 4 years of experience performing Bank Operational Risk or Information Technology testing/ auditing within a large Bank
Some knowledge of Banking Operational Risks with a specific focus in Cyber, Information Security, Privacy, Business Disruption and Continuity, Third Party Supplier Risks, Non-Cyber Theft and Fraud, Transaction Errors, and Banking Sales Practices
Knowledge of testing methodology and execution
Investigative skills research, inquiry, and analysis
Ability to research and resolve issues independently while working across teams to acquire information
Ability to handle a fast-paced environment with minimum supervision, be proactive/self-starter and successfully meet established deadline requirements
Compliance/Audit/Risk experience in the financial services industry, a regulator, or a self-regulatory organization is a strong plus
Excellent written and verbal communication skills
Proficiency with Microsoft Excel
Exceptional reasoning and analytical skill
Robust time and organizational management techniques
Ability to work independently and with team members and partners across the organization to complete deliverables
Certification (preferred but not required)
Certified Information System Auditor (CISA Certified Information System Security
Professional (CISSP)
Certified in Risk and Information Systems (CRISC)
Certified Data Privacy Solutions Engineer (CDPSE)
Global Information Assurance Certification (GIAC)
GIAC Security Essentials (GSEC)
Certified Public Accountant (CPA)
Expected base pay rates for the role will be between 85000 and 135000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.
Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.
It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.
Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).