Cloud Security Requirements Lead

Cloud Security Requirements Specialist – AI&ML – P3 - Director - Cyber Security

Company Profile:

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in more than 42 countries, the Firm's employees serve clients worldwide including corporations, governments, institutions, and individuals. For further information about Morgan Stanley, please visit www.morganstanley.com.
 

Cyber Data Risk & Resilience:

The mission of Cyber Data Risk & Resilience (CDRR) is to deliver first-line defences to manage risks to Firm technology, information and cyber threats through risk identification, control management and assurance. This allows the business to operate and grow in a secure and legally compliant manner. Our vision is to deliver Programs that protect and enable the business, ensure secure delivery of services to our clients, adjust to address the risks presented by an evolving threat landscape, meet regulatory expectations, and offer highly attractive career opportunities.

Profile Description:

The Cloud and Platform Security team securely enables the firm to leverage cloud-native services at enterprise scale. This team designs the security requirements that must be adhered to in cloud as well as builds the tooling and automation needed to provide enterprise capabilities to protect the firm and make securing workloads easier for application teams. The team is currently looking for a Cloud Security Requirements Specialist for Artificial Intelligence and Machine Learning Services. The successful candidate will develop security requirements for AI& ML cloud services to be implemented by dedicated cloud security engineering teams. The successful candidate will work with some of the best professionals in the business, for a firm that values individual intellect as much as teamwork.

What you’ll do in the role:

• Carry out in-depth security research and testing of AI/ML services across Microsoft Azure, AWS and GCP.
• Develop security requirements that enable the secure use of AI/ML cloud services at scale.
• Collaborate closely with AI/ML engineering teams to understand use cases and stakeholder requirements.
• Drive consensus on proposed security requirements for AI/ML services across multiple cloud engineering teams.
• Identify areas of risk on AI/ML projects where security requirements cannot be fully addressed in the required time frame of the project. Identify and propose mitigating controls as necessary.
• Provide security expertise to engineering and development teams, acting as a project team member providing consulting advice and ensuring security requirements are implemented in a scalable, reusable way.

What you’ll bring to the role:

• Bachelor’s degree in computer science, Information Security, or a related field, or equivalent 3-7 years of practical experience.
• Information Security background with experience in risk assessments and security architecture design and reviews.
• Experience hardening cloud resource configurations to comply with internal and external regulations and controls.
• Detailed knowledge of cloud architectures and related security technologies (IAM, DLP, configuration assurance, security automation, GRC, etc.)
• Knowledge of cybersecurity threat types, their composition and mitigation techniques.
• Proficiency in at least one of the major Cloud Service Providers (GCP, AWS, Azure).
• Foundational knowledge of cloud AI Services, including Azure AI Foundry, Azure AI Search, Azure OpenAI, Azure AI Services, Azure AI Safety Content, AWS Bedrock, Anthropic on AWS Bedrock, and Google Vertex AI.
• Strong critical thinking ability and cybersecurity mindset.
• Ability to write documentation for all types of audiences, from very specific technical guides to higher level research on technologies and vendors.
• Excellent communication / interpersonal skills to be able to interact at all levels & be effective as part of a broader team, capable of taking broad objectives and create and execute a concrete plan.
• Ability to manage expectations and handle high-pressure situations with tight deadlines.
• Experience in an Information Security role in an enterprise environment.
• Ability to quickly adapt to changing priorities and demands.
• Ability to work independently and self-motivate.

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work.

Expected base pay rates for the role will be between $95,000 and $135,000 per year for Director and between $120,000 and $170,000 per year for Vice President at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.

Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.

It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.

Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).