Director – Technology & Cybersecurity Audit at Morgan Stanley

New York, New York, United States -

Full Time

Start Date

Immediate

Expiry Date

04 Feb, 26

Salary

155000.0

Posted On

06 Nov, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, IT Audit, Risk Assessment, Data Analytics, Cloud Platforms, Networking, Application Controls, Audit Principles, Continuous Monitoring, Mentorship, Stakeholder Engagement, Emerging Threats, Infrastructure, Scripting, Programming, Regulatory Frameworks

Industry

Financial Services

Description

Help identify risk and impact to cybersecurity, infrastructure, and technology governance across multiple technology domains, including cloud, virtualization, and emerging threats to prioritize areas of focus Execute and lead aspects of assurance activities (e.g., audits, continuous monitoring, closure verification) focused on cybersecurity, infrastructure, and application controls to assess risk and formulate a view on the control environment Facilitate conversations with technology stakeholders on risks, their impact and how well they are managed in a clear, timely and structured manner Assist in managing multiple deliverables in line with team priorities Partner with application technology and business auditors to deliver integrated audit coverage Solicit and provide feedback and participate in formal and on-the-job training and mentorship to further develop self and peers Minimum 4+ years of IT audit experience auditing cybersecurity controls, infrastructure, and general IT controls Strong understanding of audit principles, methodology, tools, and processes (e.g., risk assessments, planning, testing, reporting and continuous monitoring) Understanding of business line, key regulations and industry frameworks relevant to coverage area (e.g., NIST Cybersecurity Framework 2.0 (CSF 2.0),NIST SP 800-53 Rev. 5, ISO/IEC 27001:2022, PCI-DSS, CIS Controls, FFIEC guidelines, MITRE ATT&CK, OWASP Top 10, 2025 IIA Cybersecurity Topical Requirement, etc.) Familiarity with operating systems (UNIX, Linux, Windows, z/OS), networking (VPN, LAN/WAN, Firewalls), databases, middleware, and cloud platforms (AWS, Azure, Google Cloud) Ability to identify and analyze multiple data sources to inform point of view; data analytics and scripting/programming experience preferred Ability to ask meaningful questions, understand various viewpoints and adapt messaging accordingly Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren't just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There's also ample opportunity to move about the business for those who show passion and grit in their work. To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser. Expected base pay rates for the role will be between $108,000 and $155,000 per year at the commencement of employment. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees. It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.

Responsibilities

The Director of Technology & Cybersecurity Audit will identify risks and impacts to cybersecurity and technology governance across various domains. They will lead assurance activities focused on assessing risks and formulating views on the control environment.