The role will focus on Operational Resilience for the US Banks and reside within the Firm Risk Management's Operational Risk Department (ORD), a Second Line of Defense function. This role will partner with colleagues across all lines of defense, proactively identifying, assessing, and driving mitigation of technology and security risks that impact the US Banks' Operational Resilience.
Operational Risk refers to the risk of financial or other loss, or potential damage to a firm's reputation, resulting from inadequate or failed internal processes, people, systems, or from external events (e.g., fraud, legal and compliance risks or damage to physical assets). The Firm may incur operational risk across the full scope of its business activities, including revenue-generating activities (e.g., sales and trading) and control groups (e.g., information technology and trade processing).
Primary Responsibilities
- Provide 2nd line of defense oversight and challenge of operational resilience across businesses, including representing the Operational Resilience function on relevant program governance committees and working groups.
- Support development and evolution of the overarching Framework through thought leadership and proactive challenge of business disruption risk identification, prevention and detection controls and processes, and metrics.
- Collaborate with 1st line of defense in discussing and resolving control gaps, risk trends, risk issues and incidents while also providing credible challenge of their assertions, assumptions, and conclusions.
- Partner with the relevant technology, business units and other support functions to develop a perspective on business disruption risk and ensure consideration of evolving regulatory expectations.
- Manage business disruption risk identification, measurement, and escalation in support of senior Firm leadership.
- Oversee risk assessments performing critical analysis as necessary and monitor data used to identify heightened risk and help develop risk remediation recommendations.
- Work collaboratively in a high performing global team responsible for identifying, assessing, capturing, and reporting on operational risk and risk mitigation activities.
- Coordinate with 2nd line of defense colleagues in the department who cover business units and support functions in assessing the impact of disruption risks as they relate business and support processes.
- Lead risk assessments, performing critical analysis as necessary and monitor data used to identify heightened risk and help develop risk remediation recommendations.
- Perform deep dives into material operational risk events (internal and external) and analyses of thematic operational risks.
- Perform assessments of Operational Resilience risks related to IT Asset Management and new technology implementations for the US Banks.
- Ensure establishment of the appropriate metrics and analytical tools to support the oversight of the US Banks' Business Continuity Program.
- Support sourcing and production of IT Asset Management and new technology metrics for US Banks.
- Build solid relationships in the front office, operational risk management, and other support functions related to the area of coverage.
- Develop presentations for executive management and senior risk managers, including reporting to boards and risk committees.
- Lead reviews and challenge other reviews of material operational risk events (internal and external) and analyses of thematic operational risks stemming from technology infrastructure risks.
- Lead and manage scenario analyses activities where significant and emerging risks are assessed.
- Leverage and continue to build strong knowledge and expertise of operational resilience including strategic change initiatives, to support effective review and challenge of the associated Operational Risk profile and controls.
- Build solid relationships across divisions and control groups.
Minimum Qualifications
- Bachelor's degree or equivalent, ideally in an area related to technology infrastructure risk (e.g., engineering, computer science, etc.)
- 10+ years within risk management, technology, and security risk with a focus on resilience or disruption risks (preferably in the financial services industry)
- Strong knowledge of business disruption controls, including continuity planning, system and data recovery.
- Strong risk, process, and control validation and/or assessment skills - a prior role within consulting, second line or internal audit covering risk processes is desirable.
- Demonstrated ability to collaborate across multiple functional areas while maintaining suitable independence and effective challenge.
- Confidence to take ideas forward and to challenge others, where appropriate.
- Ability to work on challenging assignments in a dynamic environment, synthesize information, distill relevant facts and reach logical conclusions.
- Demonstrated ability to: prioritize competing responsibilities, work under pressure, meet challenging deadlines and can build and maintain effective business relationships.
- Ability to work in a team environment, building and maintain a network of contacts and coordinating with many stakeholders.
- Proven ability to anticipate and identify risks and identify effective mitigation.
- Strong analytical and problem-solving skills.
- Solid understanding of technology related regulations and industry frameworks, especially relating to operational risk management.
- Strong organization skills with the ability to multitask and prioritize; ability to work under pressure and to tight deadlines.
- Excellent communication skills, both verbal and written; ability to present ideas concisely and persuasively with tailoring to technical and non-technical audiences.
- Proficient in MS Office applications (e.g., Word, Excel, PowerPoint).
For Baltimore, expected base pay rates for the role will be between $112,000 and $177,000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.
Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.
It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.
Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).
#J-18808-Ljbffr