Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
Internal Audit is responsible for validating whether the Firm operates in a controlled environment with appropriate risk-management processes. Auditors evaluate the adequacy and effectiveness of the Firm's internal controls using a risk-based methodology developed from professional auditing standards. Internal Audit assists in monitoring the Firm's compliance with internal guidelines set for risk management and risk monitoring, as well as external rules and regulations governing the industry. The team reports directly to the Board Audit Committee and helps verify whether the Firm meets all of its fiduciary responsibilities to shareholders, while adhering to corporate-governance standards and legal and regulatory requirements. Internal Audit comprises Business, Risk and Technology auditors. Business and Risk auditors focus on understanding the risks that the businesses face and the controls to mitigate those risks. Technology auditors focus on the application controls supporting business processes, including systems development, application security and entitlements, production management, and technology governance. Both groups are responsible for understanding, analysing and testing the controls to protect the franchise.
Technology Audit provides system audit coverage for applications supporting each of Morgan Stanley's business segments. It also includes the Enterprise Infrastructure audit team, which covers the Firm's operating systems, platforms and data architecture, and the Data Analytics team, which is responsible for data mining and analysis.
Morgan Stanley is seeking a strong Technology Audit candidate to cover IT Infrastructure, Information Security, and Disaster Recovery Planning supporting the firm. The person in the role will assist the Internal Audit department's EMEA Technology audit team in completing its annual audit plan, communicating to senior management and providing recommendations for improvements. Technology Infrastructure Auditors focus on the infrastructure controls for the technology supporting the enterprise and are responsible for understanding, analysing, and testing the technology controls including those over architecture and configuration, systems development, cyber security and entitlements, production management and technology governance.
Manage assigned portions of technology audit projects and supervise staff on audit assignments with a focus on Infrastructure audits.
Build and maintain relationships with Technology clients.
Evaluating the adequacy of the control environment for technology infrastructure and the associated processes and evaluating compliance with internal policies and procedures, external rules and regulations.
Developing and documenting audit findings for inclusion in the Audit Report and presenting/communicating observations to line management.
Skills required (essential)
Bachelor's Degree (Computer Science or IT related preferred) or equivalent.
CISA, CISSP or CISM certification.
Extensive IT Audit experience.
Experience in auditing interfaces, infrastructure, data processing and computer general controls.
Technical knowledge of IT systems, including: Databases; Operating Systems (Unix, Linux, Windows, z/OS); Networking, including VPN, LAN, WAN, WLAN, Firewalls and associated hardware; backup and Recovery systems; Middleware and Virtualization Technologies.
Familiarity with technology risk frameworks such as COBIT, SOX, NIST and FFIEC.
A general understanding of internal audit processes including key risks identification and evaluation, audit scope and audit test plan development, and test plan execution.
A strong understanding of technology infrastructure processes, preferably through prior experience in a major bank/financial institution or equivalent complex organisation.
A proficient understanding of the financial services industry and the associated regulatory environment.
Self-motivated, able to work independently, resolve challenging issues with innovative ideas, and demonstrate strong analytical, interpersonal, and communication skills.
Ability to handle multiple projects while meeting deadlines with minimal supervision.
Experience in managing small team (2-3 members) during audit projects.
Build strong relationships with Technology clients.
Experience with Data Analysis using data mining tools.
Practical IT work experience is a plus.
Microsoft and Cisco certifications a plus.
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents. *LI-CL1