Job #: 2527
Title: Cloud Architect
The Cloud Security Architecture (CSA) team is part of the Technology Risk (TR) organization.The mission of the CSA team is to provide security assessments of technology systems and processes to identify business risks and recommend remedial action based on established security standards or security best practices. This highly leveraged internal position within Morgan Stanley’s IT Security organization has excellent growth potential. The Cloud Security Architecture team works with IT groups on a global basis to ensure that IT projects are executed in a secure manner. The successful candidate will join the Cloud Security Chapter within the larger Cloud Security Architecture team. This team reviews the security posture of projects involving SaaS, PaaS or IaaS and recommend steps towards the secure usage of Cloud Technologies. This role requires hands-on experience in application and/or infrastructure security, technology risk management in a highly regulated environment as well as great organizational and communication skills.
Specific role responsibilities include:
– Work with network, platform, engineering and development teams in architecture design and review sessions.
– Provide specific security expertise to engineering teams by identifying and creating patterns and blueprints for repeatable security, infrastructure and application instantiations. Blueprints and patterns may address such areas as network design, database access, authentication methods, encryption requirements, key management, entitlement design, identity management, logging, input validation, secure data transfer among others.
– Identify areas of risk on projects where security requirements cannot be fully addressed in the required time frame of the project.
– Document and present those risks to senior business, IT and Security team members.
– Help identify areas of security the firm might want to invest in improve IT security.
– Create documentation and guidance on the secure implementation of new technologies in the firm.
– This involves liaising with other technology subject matter experts to build consensus, outlining areas of improvement in written form and explaining concerns early on. Required
– 5 to 8 years of information security experience
– Excellent communication / interpersonal skills to be able to interact at all levels & be effective as part of a broader team, capable of taking broad objectives and create and execute a concrete plan- Ability to influence and engage with senior management
– Ability to manage expectations and handle high-pressure situations with tight deadlines
– Experience in an information security (application and/or infrastructure) role in an enterprise environment.
– 2+ years Hands-on experience with popular Cloud Vendors and technologies such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform
– Ability to quickly adapt to changing priorities and demands
– Ability to write documentation for all types of audiences, from very specific technical guides to higher level research on technologies and vendors.
– Demonstrated ability to see through sales pitches to find inconsistencies and omissions to quickly identify the most effective areas to look for controls gaps, and the technical ability to follow through.
-Experience with applied crypto systems-Experience with PKI
-Experience with Modern Authentication Technologies such as OAuth2, OpenID Connect and SAML 2.0
-Experience with Docker or other Linux Container technologies-Experience with Kubernetes or similar workload orchestration
-Knowledge of HTTP -Knowledge of traditional network technologies, such as firewalls, NAT, Load balancers, and web proxies
-Experience with Software Defined Networking Technologies