No more applications are being accepted for this job
Security Analyst - Baltimore, MD, United States - Morgan Stanley
Description
Company ProfileMorgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services
The Firm's employees serve clients worldwide including corporations, governments, and individuals from more than 1,200 offices in 43 countries
As a market leader, the talent and passion of our people is critical to our success
Together, we share a common set of values rooted in integrity, excellence, and dedicated team ethic
Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow
A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture
Department Profile
The mission of the Cyber Data Risk and Resilience division is to ensure the Firm manages its global businesses and serves clients on a market-leading technology platform that is resilient, safe, efficient, smart, fast, and flexible
The Security Response Team (SRT) is part of the Cyber Data Risk and Resilience division and manages the incident response capability to support day-to-day cross-enterprise event investigations and strategic input into security controls and countermeasures to proactively create better security for the Firm
The group's vision is to deliver programs that protect and enable the business, ensure secure delivery of services to clients, adjust to address the risks presented by an evolving threat landscape and meet regulatory expectations
Team Profile
Morgan Stanley is looking for a Lead Security Analyst to join the firm's Cyber Incident Response Team Operations (CIRT Operations)
The global CIRT Operations is a 24/7 operation with members in key geographical locations; performing incident response and remediation, campaign assessments, network and host-based forensics
Lead Security Analysts work core hours in their region with an on-call rotation for critical incidents
Primary Responsibilities
Lead Security and Triage Analysts
Engage with Regional and Global Leadership with respect to resourcing and operational requirements
Investigate cyber security incidents and threats
Interact with stakeholders and leadership teams as part of the response and remediation efforts
Improve the detection, escalation, containment, and resolution of incidents
Enhance existing incident response methods, tools, and processes
Maintain knowledge of technologies and the threat landscape
Assist during non-core business hours during an emergency, critical, or large-scale incident
Qualifications:
Candidates should have a genuine interest in cyber security and a good understanding of the tactics, techniques, and procedures of attackers
Candidates should be interested in a leadership/management or hybrid career path
This role requires a detail oriented, critical thinker who can anticipate issues, and solve problems
Candidates should be able to analyze large datasets to detect underlying patterns and drive to a root cause analysis
Required Skills:
Experience with Security Analysis and Incident Response (i.e., working in SOC/CIRT/CSIRT/CERT)
Subject matter expert in multiple areas such as Windows, Unix, firewalls, intrusion detection, and network- and host-based forensics
Understand the totality of a threat across multiple technologies and think like an adversary
Sound understanding of TCP/IP and networking concepts, security alerts, and incidents
Excellent writing and presentation skills are required to communicate findings, recommendations, and status of ongoing investigations
Experience with investigating common types of attacks, network packet analysis, log analysis, and reviewing security events
Ability to build mitigations to defend against network-based threats
Experience with developing response workflow for a security event
Experience reverse engineering malware to understand attack vector and objective(s)
Ability to develop and maintain professional contacts in the security community
Desired skills:
Security product assessments
Scripting (Python, BASH, Perl, or PowerShell), coding, or other development experience
In-depth knowledge of security event management, network security monitoring, log collection, and correlation
Experience in Splunk usage or administration
Experience in Security Orchestration and Automated Response (SOAR) usage
Industry certifications:
GCIH, GNFA, GREM, or other related certifications
Experience in the financial industry
Understanding of Cloud Security
Knowledge on OWASP Top 10
Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence
Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools
We want to be the first choice for prospective employees
It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law
Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet)
Expected base pay rates for the role will be between $135,000 and $200,000 per year at the commencement of employment
However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs
#LI-TS2