Morgan Stanley is a global financial services firm and a market leader in investment banking, securities, investment management and wealth management services. With offices in more than 43 countries, the people of Morgan Stanley are dedicated to providing our clients the finest thinking, products and services to help them achieve even the most challenging goals.
As a market leader, the talent and passion of our people is critical to our success. We embrace integrity, excellence, team work and giving back.
The Technology division partners with our business units and leading technology companies to redefine how we do business in ever more global and dynamic financial markets.
Our sizeable investment in technology results in leading-edge tools, software, and systems. Our insights, applications, and infrastructure give a competitive edge to clients’ businesses-and to our own.
Enterprise Technology & Services (ETS) delivers shared technology services for the Firm supporting all business applications and end users. ETS provides capabilities for all stages of the Firm’s software development lifecycle, enabling productive coding, functional and integration testing, application releases, and ongoing monitoring and support for over 3,000 production applications.
ETS also delivers all workplace technologies (desktop, mobile, voice, video, productivity, intranet/internet) in integrated configurations that boost the personal productivity of our employees. Application and end user services are delivered on a scalable, secure, and reliable infrastructure composed of seamlessly integrated datacenter, network, compute, cloud, storage, and database services.
This is a development role within the Cyber Response Platform Engineering team within the Enterprise Security Platforms group.
The role is primarily responsible for development on security workflow platforms in the Incident Management, Investigations and Response space. Key responsibilities include finding creative solutions to complex business problems, development of integrations for supporting applications, automation of business processes, implementation of platform monitoring and deploying automation capabilities to facilitate Agile practices. The role is engineering oriented, with opportunities to expand and enhance the role and responsibilities.
– Work within the squad to develop new capabilities in the Security Incident Management and Threat Response platforms and controls.
– Implement security workflow tooling and automation using a variety of vendor products, open source, and bespoke solutions.
– Integrate platforms with existing firm systems e.g. logging and reporting tools, entitlement management products.
– Collaborate globally with colleagues.
– Develop and Maintain business relationships with multiple internal clients.
– Create, review, and maintain documentation for security controls.
– Develop tools in Python to provide additional platform functionality.
– Perform code reviews for peers to ensure code meets the right standards.
– Maintain hygiene and stability of the platform infrastructure across all environments keeping it current via patches and upgrades.
– Respond to escalations from Operations members, platform health monitoring alerts and perform root cause analysis.
– Escalate and liaise with internal/external technical groups when required.
– Participate in technology evaluations and play an active role in suggesting improvements based on technology trends, best practices, and industry standards.
– Deliver continuous improvement of the services being delivered.
– Automate routine tasks (maintenance, housekeeping, build & testing) in the ongoing support of the data security platforms.
– Good knowledge of application security (SAML, OAuth, OpenID, Kerberos, Policies, entitlements etc.)
– Excellent scripting and development in Python & Shell
– Experience in working with Web Technologies (e.g. NginX/Apache, Flask, Angular)
– Experience with Cloud development stack (AWS, Azure, Kubernetes)
– Good knowledge of Enterprise Linux system administration (RHEL/CentOS)
– Experience with direct client interaction to derive requirements
– Strong problem-solving skills, with aptitude for troubleshooting and analysis.
– Exceptional communication/interpersonal abilities
– Flexibility and are a self-motivated team player, able to assist/mentor when required
– Strong task management and organizational skills to ensure balance and timely completion of ongoing efforts
– Experience with Agile CI/CD pipelines (e.g. Kanban/Scrum/, Jira/GitHub Issues, Git, Jenkins/Travis)
You might also have:
– Knowledge of security processes and their integration points in a global environment in the finance industry or an industry at a similar scale
– Client-focused security workflows development background
– Windows and SQL database administration experience – Understanding of/Experience with: Infrastructure as Code, Continuous Integration, Continuous Delivery, Test Automation
– Understanding of Agile Methodology (Kanban vs Scrum, Squads, ceremonies)
– Development experience with Object Oriented principles in Python/Java
– An understanding of SQL and noSQL database technologies. (SQL/Wide Column/Graph/Document Store Databases etc)
– Previous experience integrating enterprise security platforms such as Splunk, Qualys, iDefense, Symantec, TheHive etc.
– Experience with Infrastructure as Code Tools (Terraform, Ansible, etc)
Knowledge of French and English is required.
Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential.
Spotlight on our Montreal Technology Centre: https://www.youtube.com/watch?v=oo5GaXpCwKs
*Video dated October 2019.