Tech Risk Testing Director

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments, and individuals from more than 1,200 offices in 43 countries. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence, and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture. The cornerstone of Morgan Stanley's risk management philosophy is the execution of risk-adjusted returns through prudent risk-taking that protects Morgan Stanley's capital base, liquidity and franchise. Non-Financial Risk (NFR) refers to the risk of actual or potential economic, reputational, regulatory, financial reporting and client impact, resulting from inadequate or failed internal processes, people, and systems, or from external events impacting the full scope of its business activities, including revenue-generating activities and infrastructure groups. NFR is part of the Second Line of Defense providing independent oversight and challenge to management across compliance and operational risks. Given the nature and breadth of operational risk, operational risks are managed at multiple levels e.g. Firmwide, as well as Regional, Business Unit, Infrastructure Group, Control Function and Legal Entity. The NFR Cyber, Technology and Information Security (CTIS) Department is focused specifically on managing cyber, technology and information security risks. NFR CTIS brings together rules management, standard setting, assessing risk, process and controls by technology domains, advising the business, and an oversight and testing function to provide a comprehensive risk management decision for cyber, technology and information security related risks. Cybersecurity, Information Security and Technology risk management is critical to ensure the confidentiality, integrity and availability of Firm Information, Systems and Assets. Cybersecurity risk refers to managing and protecting the Firm's information assets and operations from cyber threats, e.g., cyber events or attacks resulting from inadvertent or intentional acts involving deception, falsification, destruction, etc. Information Security risk refers to protecting the confidentiality, integrity and availability of Firm's information and systems, e.g., internal and external threats that could result in unauthorized disclosure, misuse, alteration or destruction of confidential information and systems. Technology risk refers to ensuring and protecting the availability, stability, capacity and recovery capabilities of the Firm's key systems, e.g., loss, damage or business disruption resulting from inadequate or failed processes, people and systems or from external events. Morgan Stanley is seeking a Risk professional to join the Non-Financial Risk Cyber, Technology and Information Security (NFR CTIS) Testing Team based in Alpharetta. The successful candidate will plan and execute full scope and other tests on engagements assigned by Technology Risk Testing Manager. The Technology Risk Testing team is part of the broader Global 2LOD Non-Financial Risk Testing organization. The team plans and executes the Technology Risk annual testing plan.