Senior Security Analyst

4 days left

Morgan Stanley
North Lanarkshire
31 Aug 2017
28 Sep 2017
Contract Type
Full Time
Company Profile
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
Department Profile
The mission of the Global Technology division is to provide a highly reliable and commercial technology platform, which supports the Firm's strategy, delivered by an innovative, world-class team of professionals. There are ten divisions within Technology.
Technology & Information Risk (TIR) is part of the Global Technology and Data organization and manages operational and technology related risks on behalf of the Firm. The group's key principles are to provide proactive, comprehensive and consistent risk management, to enable the execution of the Firms strategy.

TIR's mandate is to enable the Firm to manage its technology and data related risks through implementing proactive, comprehensive and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The TIR team partners with the business by ensuring that Technology and Data understands how to manage escalate and monitor risk.
Team Profile
Morgan Stanley is looking for a Senior Security Analyst to join the firm's Computer Security Incident Response Team (CSIRT). Senior Security Analysts are responsible for taking a lead on incidents, improving response processes and mentoring junior analysts. The global CSIRT is a 24/7 operation with members in key geographical locations. Senior Security Analysts work core hours in their region with an on-call rota for critical incidents.
Candidates should have a genuine interest in cyber security and a good understanding of the tactics, techniques and procedures of attackers. This role requires a detail oriented, critical thinker who can anticipate issues and solve problems. Experience in a similar operational environment is essential.

Primary Responsibilities
- Take a lead on investigation of cyber security incidents and threats
- Enhance existing incident response methods, tools, and processes
- Train and mentor junior Security Analysts
- Improve the detection, escalation, containment and resolution of incidents
- Interact with stakeholders and leadership teams as part of the response efforts
- Maintain expert-level knowledge of technologies and the threat landscape
- Assist during non-core business hours during an emergency, critical or large-scale incident

Skills required (essential)
- Experience of an operational environment such as a SOC or CSIRT
- Excellent writing and presentation skills are required in order to communicate findings and recommendations and provide status on ongoing investigations
- Experience with security products and technologies, especially related to event and incident handling (e.g.SIEM, HIDS/NIDS, AV)
- Incident Response workflow development and automation
- Deep understanding of TCP/IP, common application-layer protocols and network architecture within an enterprise environment
- Deep familiarity with common operating systems
- Deep understanding of attacker TTPs
- Exceptional log analysis skills
- Scripting skills and an in-depth knowledge of how software works
- Malware analysis (dynamic analysis)

Skills desired
- Industry certifications: GCIH, GREM or other related SANS certifications
- Penetration testing and/or forensics experience
- Splunk
- Reverse engineering malware (static analysis)

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents. *LI-AM2