Morgan Stanley

About the Company

Morgan Stanley (NYSE: MS) is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in 42 countries, our firm's employees serve clients worldwide including corporations, governments, institutions and individuals.

We are committed to maintaining the first-class service and high standard of excellence that have always defined the firm and everything we do is guided by our five core values: Do the right thing, put clients first, lead with exceptional ideas, commit to diversity and inclusion, and give back.

Listed Jobs

Company Name

Morgan Stanley

Job Title

Detection Engineer

Job Description

Job title: Detection Engineer Role Summary: Develop, maintain, and enhance cyber detection capabilities within a global threat hunting team. Lead threat hunting, triage, and alerting initiatives, and contribute to the evolution of bespoke detection tooling. Expectations: - 3+ years of hands‑on experience in cybersecurity (hunt, detection engineering, blue team, incident response, SOC operations, or related field). - Proven ability to translate customer requirements into actionable security solutions. - Strong grasp of security architecture principles, governance, and risk management. - Familiarity with cryptocurrency risk indicators and mitigation techniques. Key Responsibilities: - Conduct proactive threat hunting and red/blue team engagements to identify attack patterns. - Design, implement, and refine detection rules using Sigma, Yara, and ElasticSearch. - Develop and manage Python scripts for data collection, analysis, and alert enrichment. - Perform day‑to‑day monitoring of critical vulnerabilities, third‑party vendor events, and cyber threat campaigns. - Maintain and evolve internal detection tooling, incorporating new ideas into operational workflows. - Collaborate with global stakeholders to assess threat impact and recommend countermeasures. Required Skills: - Programming: Python (proficient) with additional language knowledge a plus. - Security tools: Sigma, Yara, ElasticSearch, Git. - Threat intelligence analysis and risk assessment. - Strong data analysis and logical reasoning. - Excellent communication, requirement gathering, and stakeholder management. Required Education & Certifications: - Bachelor’s degree or equivalent experience in Computer Science, Cybersecurity, Information Technology, or related field. - Valid cybersecurity certifications (e.g., CEH, CISSP, GCIH, or equivalent) are advantageous but not mandatory.

Glasgow, United kingdom

Hybrid

Junior

03-12-2025

Company Name

Morgan Stanley

Job Title

Cybersecurity DevOps Engineer

Job Description

Job Title: Cybersecurity DevOps Engineer Role Summary: Lead adversarial testing of AI/LLM systems within a security testing platform. Collaborate with product leaders, AI/ML engineers, and DevOps teams to detect and mitigate risks such as evasion, prompt injection, and data leakage. Deploy, manage, and secure cloud infrastructure, container environments, and orchestration platforms while ensuring compliance with industry standards. Expectations: - Minimum 4 years of hands‑on cybersecurity experience (red teaming, penetration testing, application security, vulnerability management, compliance, governance). - Proficiency in at least one programming/scripting language (Python, Java, C/C++, Bash). - Solid command‑line skills in Linux and Windows. - Deep understanding of threat actor TTPs, MITRE ATLAS, OWASP Top 10 for LLMs, and AI threat modeling. - Experience with cloud security best practices across AWS, Azure, and GCP. - Knowledge of containerization (Docker) and orchestration (Kubernetes). - Strong analytical, problem‑solving, communication, and stakeholder management abilities. Key Responsibilities: - Operate and refine an adversarial testing platform for AI/LLM models. - Identify, validate, and document security risks in AI/LLM pipelines (prompt injection, model evasion, data leakage). - Work with AI/ML and application developers to embed security controls into model training and inference stages. - Deploy and maintain cloud resources, ensuring secure architecture and configuration. - Conduct regular security assessments, pen tests, and compliance audits. - Communicate findings and improvement opportunities to product leads and technical teams. - Develop and maintain scripts/tools for automated testing and monitoring. Required Skills: - Cybersecurity technologies & operations (red team, pen testing, vuln management, compliance) - Programming/scripting: Python, Java, C/C++, Bash - Operating systems: Linux, Windows (CLI) - Cloud platforms: AWS, Azure, GCP (security features, IAM, networking) - Containerization: Docker; Orchestration: Kubernetes - AI/LLM concepts: prompt engineering, fine‑tuning, retrieval‑augmented generation (RAG) - Security frameworks: MITRE ATLAS, OWASP Top 10 (LLM) - Threat intelligence, TTPs, threat modeling - Data analysis & reporting - Stakeholder communication Required Education & Certifications: - Bachelor’s degree in Computer Science, Cybersecurity, or related field. - Professional certifications preferred: CISSP, CEH, CISM, GCP/AWS Security Specialty, or equivalent. - Willingness to obtain any mandatory regulatory or internal corporate qualifications as required.

Glasgow, United kingdom

On site

Junior

05-12-2025

Company Name

Morgan Stanley

Job Title

Senior Cybersecurity Engineering Specialist (Hybrid)

Job Description

Job title: Senior Cybersecurity Engineering Specialist Role Summary: Senior cybersecurity engineer within the Customer Authentication team responsible for designing, implementing, and maintaining identity and access management (IAM) solutions—primarily ForgeRock Access Manager—to secure authentication for a large customer base and support secure, developer-friendly APIs. Expectations: Deliver robust, scalable IAM architecture; produce clean, production-ready code; rigorously test and document features; collaborate with developers, architects, and product owners; stay current on IAM technologies and industry best practices; participate in code reviews and continuous improvement of engineering standards. Key Responsibilities: - Design, architect, implement, and maintain multi-tier ForgeRock Access Manager solutions (authentication, authorization, federation). - Develop IAM frameworks and RESTful APIs enabling secure, dynamic customer interactions. - Create and execute unit, integration, and functional test strategies; ensure comprehensive test coverage. - Simplify developer experience by providing clear documentation, code samples, and best‑practice guidance. - Troubleshoot complex IAM issues, conduct root‑cause analysis, and drive timely resolution. - Perform code reviews, uphold coding standards, and contribute to review guidelines. - Maintain architecture, configuration, and process documentation. - Monitor industry trends, ForgeRock releases, and emerging IAM protocols to inform architecture decisions. - Collaborate cross‑functionally with developers, architects, product owners, and security teams to align solutions with business requirements. Required Skills: - 6+ years in cybersecurity with a focus on Identity & Access Management. - Hands‑on experience with ForgeRock Identity Suite (Access Manager, etc.) or comparable IAM platforms (Okta, Azure AD, etc.). - Proficiency in Java, Spring Boot, JavaScript, and related frameworks. - Strong Object‑Oriented Programming knowledge and design principles. - Deep understanding of authentication & authorization protocols (OAuth, OpenID Connect, SAML, LDAP, etc.). - Experience designing complex test scenarios; familiarity with automated testing tools. - Excellent analytical, problem‑solving, and attention‑to‑detail skills. - Strong communication, collaboration, and stakeholder‑management abilities. - Bilingual fluency in English and French (or strong proficiency, as required). Required Education & Certifications: - Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field. - Professional certifications such as CISSP, CISM, or relevant IAM certifications are a plus.

Montreal, Canada

On site

Senior

07-12-2025

Company Name

Morgan Stanley

Job Title

Data Protection Developer

Job Description

**Job Title:** Data Protection Developer **Role Summary:** Lead the design, development, and maintenance of secure, scalable software solutions that protect sensitive data within a large financial organization. Collaborate with product leads, architects, and stakeholders to define technical strategy, mentor junior engineers, and enforce best practices in code quality and performance. **Expectations:** - Deliver secure, high‑performance code that meets regulatory and internal security standards. - Mentor and guide mid‑level and junior engineers on design, architecture, and testing. - Continuously evaluate and adopt new tools, frameworks, and cloud services to improve development velocity and product resilience. - Maintain ownership of the end‑to‑end lifecycle of data protection features, from requirements to deployment and post‑release monitoring. **Key Responsibilities:** - Architect and implement complex software systems focused on data protection, encryption, and access control. - Write clean, testable, and maintainable code in Python or other OO languages. - Design and maintain relational and NoSQL (MongoDB) data models, queries, and reporting layers. - Build and optimize continuous integration/continuous deployment pipelines using Docker, Kubernetes, and related DevOps tooling. - Perform code reviews, debugging, performance tuning, and refactoring to improve reliability and scalability. - Integrate third‑party services and pre‑packaged software into the bank’s technology ecosystem. - Collaborate with security, compliance, and product teams to enforce data protection policies and regulatory requirements. - Stay current with emerging cybersecurity threats, data protection best practices, and industry standards. **Required Skills:** - Strong experience in Python and object‑oriented programming. - Proficiency with relational databases (SQL, query optimization) and MongoDB. - Deep understanding of data encryption, SSL/TLS, TCP/IP, and HTTP protocols. - Expertise in Linux/Unix environments, containerization, orchestration (Docker/Kubernetes), and cloud services. - Knowledge of Agile methodologies and DevOps practices. - Ability to design and architect large‑scale distributed systems. - Proven mentorship and code‑review capabilities. - Experience with performance optimization, scalability, and complex test scenario design. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Engineering, or related field, or equivalent experience. - Regulatory or compliance certifications relevant to data protection (e.g., ISO/IEC 27001, SOC 2) are a plus.

Glasgow, United kingdom

On site

10-12-2025