Third Party Risk Management Director

We are seeking an experienced Director to support our Third-Party Due Diligence Assessment program in Bangalore. This individual will be responsible for leading and managing the delivery of Cybersecurity and Information Security Third Party Risk Assessments.

In the Corporate Services division, we empower our businesses by creating collaborative workplace solutions and commercial services that enhance the employee and client experience, while optimizing the value of our sourcing and third-party lifecycle to enable the Firm to do-and-win business. This is a Director level position within the Third Party Risk Management, which specializes in identifying, analyzing, and managing risks presented to a company as a result of working with external parties / vendors .

Since 1935, Morgan Stanley is known as a global leader in financial services, always evolving and innovating to better serve our clients and our communities in more than 40 countries around the world.

What Youll Do In The Role

• Ensuring assessments are conducted in a timely manner and in accordance with firm policy, standards, and procedures. Collaborating with Technology, Business Units, Suppliers, and Sourcing to evaluate the suppliers controls policies and implementation covering (but not limited to) responses received, evidence provided, compliance demonstrated.
• Providing oversight and managing pipeline of reviews performed by the external consultant team.
• Interpreting and providing guidance on risk and controls.
• Presenting findings to management as required including responses to compliance and regulatory requests.
• Dealing with escalations and managing proactive stakeholder engagement.
• Reviewing and updating of key process documentation.
• Supporting change management and further enhancement and streamlining of the assessment process.
• Leading and contributing to continuous improvements to the program
• Review of completed Infosec, Cybersecurity and BCM questionnaires as well as review of supporting documentation provided by the third party service provider.
• Analysis and potential challenge of supplier responses via email or phone calls with the vendor
• Ability to articulate the associated risk and relevance of the third partys control environment.
• Identifying gaps if any as per methodology and clearly documenting the finding and observation
• Provide guidance around the appropriate remediation of identified gaps
• Proactively manage the assessment pipeline and escalate as needed where assessment responses are not received in a timely and satisfactory manner.
• Lead and support continuous improvement initiatives within the program. {D Part 2: Scope of Role What youll bring}
  
  

What Youll Bring To The Role

• Financial industry experience especially focused on Technology and Information Security Controls, Risk methodologies, cyber security
• Experience and a clear understanding of relevant Industry Standards (NIST, CCM etc.)
• Knowledge of Best practices and certifications (e.g. CRI, ISO certifications, SSAE/SOC reports etc.).
• Motivated self-starter, with the ability to be pro-active and work well as part of a team
• Dynamic individual with the ability to switch context quickly and work on multiple workstreams concurrently with attention to detail
• Bachelors degree required. Masters degree will be a plus
• A minimum of 7 years of experience in Information Security, Cybersecurity and / or risk and control assessments in the financial services industry
• Experience with use of GRC tools such as Archer and Process Unity
• Professional qualifications from industry standard institutions such as ISACA
  
  

What You Can Expect From Morgan Stanley

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do whats best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work.

To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.

---