Cloud Security Engineer - Identity & Access Management

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. We advise, originate, trade, manage and distribute capital for governments, institutions and individuals. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. We provide you a superior foundation for building a professional career where you can learn, achieve and grow. 

CDRR – Privileged Access – Cloud Security Engineer

The mission of Cyber Data Resilience and Risk is to deliver first-line defenses to manage risks to Firm technology, information and cyber threats through risk identification, control management and assurance. This allows the business to operate and grow in a secure and legally compliant manner.

Our vision is to deliver Programs that protect and enable the business, ensure secure delivery of services to our clients, adjust to address the risks presented by an evolving threat landscape, meet regulatory expectations, and offer highly attractive career opportunities.

This role is to be part of the Privileged Access fleet, part of Identity and Access Management function, within the CDRR which aims to support effective design, operation, measurement, and management of Privileged Access controls that reduce information and operational risk across all lines of business to meet the regulatory and audit requirements and Firm’s policies. The Privileged Access fleet designs, develops and deploys Privileged Access controls for both on-premises and public cloud infrastructure, and middleware technologies.

The candidate will be part of the global team with global responsibilities of the below:

Responsibilities:

• Cloud Engineer - Partner with Cloud and Security Design teams to architect and engineer requirements, for public cloud access.
• IAM (Identity & Access Management) Architect – The role shall be responsible for developing integrated solutions between the firms existing Policy Based Access Controls (PBAC) and new services being deployed both on-premises and within public cloud.
• Integrate PBAC as service solution to Morgan Stanley environment across multiple public cloud providers including but not limited to Azure, AWS and GCP.
• Serve as SME for Cloud IAM especially for GCP
• Define framework to leverage IDPs, external services and information points to provide context aware access control solution.
• Draft, compile and give presentations on different occasions and forums to present informational updates and summaries to a broad range of audiences including senior management, infrastructure owners, representatives from all lines of business, and end users.
• Participate in compliance reviews and field requests from audit and other governance functions.
• Mentor internal team and create detailed documentation and knowledge base articles.

Required Skills:

• Bachelor’s degree in computer science/engineering, Information security or similar.
• 10+ years of work experience in a similar role.
• 3+ years’ experience implementing Google Cloud IAM in large corporate scale deployments
• Deep understanding of authorization models (RBAC, ABAC, ReBAC, PBAC) and experience working with moderate to large scale enterprise architectures.
• Proficiency in Python and shell scripting
• Experience with CI/CD tools like GitHub Actions, Jenkins and GitOps implementations.
• Knowledge of securing applications leveraging modern authentication protocols as OIDC, mTLS.
• Savvy troubleshooting skills on a variety of disparate technologies (web, infrastructure, OS, application).
• Ability to manage multiple tasks and deliverables simultaneously and in an organized and results-oriented manner.
• Excellent people skills since this position interacts with all levels of resources across the organization.
• Comfortable working as an integral member of a global organization with team members, stakeholders, upper management and clients in different regions across Asia, EMEA and North America
• Open-minded, Independent problem-solving and highly motivated team player.

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work.

To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices​ into your browser.

Expected base pay rates for the role will be between $120,000 and $170,000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.

Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.

It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.

Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).

Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.

It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.

Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).