Vulnerability Manager Cyber

Job Description

Vulnerability Manager (Cyber) - VP Glasgow 3251065 Morgan Stanley is looking for a Vulnerability manager who will be part of the Cyber Risk function within the organisation. The candidate will be joining the Vulnerability Management team as a Vice President within the Firms Cyber Risk organization with a primary focus on integrating an Attack Surface Management (ASM) program with the Firms existing VM program. VM is responsiblefor assessing reported vulnerabilities pertaining to commercial software products as to severity and relevance to Morgan Stanley and assigning them to responsible technology owners for remediation. The team is responsible for reporting on all aspects of commercialvulnerability risk exposure for the Firm. ASM will overlay this program to ensure enhanced treatment of externally facing vulnerabilities. About Morgan Stanley Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firms employees serve clients worldwide including corporations, governments, andindividuals from more than 1,200 offices in 43 countries. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence, and strong team ethic. Morgan Stanley can provide a superior foundation for building a professionalcareer - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture. What will you be doing This VP will join the Vulnerability Management (VM) team and facilitate integration of all aspects of VM including OSS vulnerabilities, scan findings, and Attack Surface Management (ASM). Candidate must have the ability to read code and write analytical scripts. The candidate also needs to be comfortable escalating vulnerabilities and initiating requests for immediate remediation. Review issues being reported by multiple sources to ensure issues are only escalated once. Derive information from various related Splunk views and indexes. What were looking for: • 7-10 years of technology experience with time in a technology risk function • Experience with Palo Alto product suite, especially XPanse • Ability to read code and write analytical scripts • Must be knowledgeable of the software build lifecycle of Java, C++ and Python • Strong understanding of vulnerabilities and following process and procedure • Understanding of network TCP/IP, web applications, technology components, interaction between layers and services for applications and infrastructure • Experience with an enterprise reporting platform (Splunk preferred) • Strong organizational, communication, and professional skills Where will you be working You will be working in our Glasgow office in the city centre with various onsite facilities Flexible work statement: Interested in flexible working opportunities Morgan Stanley empowers employees to have greater freedom of choice through flexible and hybrid working arrangements. Speak to our recruitment team to find out more. Internal Applicants: Internal mobility can be a way to grow your career and realize your professional potential. Typically, you must be in your position for at least 18 months and performing satisfactorily before applying for another job at the Firm. Internal applicants can findout more regarding career navigation, mobility guidelines and policy on our employee portal by clicking here. Equal opportunities statement: Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross sectionof the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individualsbased on their skills and talents.