Regional Manager for EMEA Computer Emergency Response Team (CERT)
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
Technology works as a strategic partner with Morgan Stanley business units and the world's leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley's sizeable investment in technology results in quantitative trading systems, cutting-edge modelling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients' businesses and to our own.
TIR's mandate is to enable the Firm to manage its technology and data related risks through implementing proactive, comprehensive, and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The TIR team partners with the business by ensuring that Technology and Data understands how to manage, escalate and monitor risk.
Morgan Stanley is seeking a regional manager for our EMEA (Europe, Middle-East and Africa) Computer Emergency Response Team (CERT). The MSCERT team is responsible for detecting, investigating and responding to cyber security incidents. The global CERT is a 24/7 operation with members in key geographical locations. MSCERT work core hours in their region with an on-call rota for critical incidents as needed.
Candidates should have a genuine interest in cyber security and a good understanding of the tactics, techniques and procedures of attackers. This role requires a detail oriented, critical thinker who can anticipate issues and solve problems. Experience in a similar operational environment is desirable but not essential.
This is a technical, hands-on team management role that involves leading a team of security analysts and incident responders. In addition to managing staff, the successful candidate will be responsible for overseeing and participating in security investigations and for advancing the team's incident response capabilities.
- Represent MSCERT within the EMEA region, providing the decision making authority within the region
- Manage and lead a regional team of security analysts and incident responders
- Investigate and oversee the investigations of cyber security incidents and threats using network and host forensic techniques
- Improve the detection, escalation, containment and resolution of incidents
- Enhance and adapt existing incident response methods, tools, and processes for the changing threat landscape
- Maintain knowledge of threat landscape by monitoring OSINT and related sources
Required Skills and Experience:
- Excellent written and oral presentation skills are required in order to communicate findings and recommendations and provide status on ongoing investigations
- Experience in the management and development of technical security professionals
- Solid foundation in computer security principles, protocols, algorithms and techniques
- Strong analysis, problem solving and critical thinking skills necessary to perform root cause analysis of cyber security issues
- Familiarity with Windows or Linux/Unix logs, forensics and internals
- Understanding of cyber adversarial Tactics, Techniques and Procedures (TTPs)
Desired Skills and Experience:
- Prior experience leading incident response teams or other teams within an operational environment such as SOC, CSIRT or CERT
- Prior experience with security products and technologies, especially related to event and incident handling (e.g. SIEM, HIDS/NIDS, AV)
- Prior experience in performing network and host forensic investigations (eDiscovery, Cyber Incident Response)
- Reverse Engineering of malware using static and dynamic analysis techniques
- Creation and implementation of security monitoring use-cases and analytics
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.