Other (Legal and Compliance) : Job Level - Director

Department Profile
Legal and Compliance

Legal & Compliance Division (LCD) comprises of Legal, Compliance, Global Financial Crimes and Regulatory Relations.
The Legal Department provides guidance, requirements, and procedures for understanding and complying with the laws, regulations and Firm policies that apply to our businesses.
The Global Compliance Department identifies applicable Compliance Obligations and maintains a Firmwide Compliance Risk management program, including Compliance Risks that transcend business lines, legal entities and jurisdictions of operation.
Global Financial Crimes is responsible for the development and governance of the Firm's financial crime prevention efforts across all regions and business units. Global Financial Crimes is comprised of the Anti-Money Laundering (AML), Sanctions, Anti-boycott, Anti-Corruption (ACG), Government, and Political Activities Compliance (GPAC) programs.
Operational Risk refers to the risk of financial or other loss, or potential damage to a firm's reputation, resulting from inadequate or failed internal processes, people, systems, or from external events. Operational Risk Department (ORD) defines the framework, standards, and governance for Operational Risk for the Firm, and implements and monitors the company-wide operational risk program. ORD works with the business units and control groups to help ensure Morgan Stanley has a transparent, consistent, and comprehensive program for managing operational risk, both within each area and across the firm globally.
The Global Regulatory Relations Group (GRRG) is responsible for strategic and centralized management of the supervisory activities of Morgan Stanley's regulators and related developments globally, with a focus on regulatory reviews and examinations and continuous monitoring activities. GRRG serves as the central point of contact for the regulatory staff responsible for supervisory activities at Morgan Stanley entities and for timely reporting to Firm management and other governance or management bodies, as appropriate, on those relationships and supervisory processes, including areas of significant regulatory focus or concern.

LCD Center of Excellence - Mumbai (LCD CoE) is a part of Morgan Stanley's Global In-house Center, which provides global support to LCD and is an integral part of Firm and LCD strategy

Background on the Team

The successful candidate will plan and execute full-scope and other tests on engagements assigned by Technology Risk Testing. The Technology Risk Testing team is part of the broader Global 2LOD Non-Financial Risk Testing organization. The team plans and executes the Technology Risk annual testing plan. Primary Responsibilities

Execute and document test activities in test workpapers. Test activities may include process deep dives, control design reviews, control effectiveness tests, or outcome-based tests.
Attend engagement kickoff meetings.
Interview stakeholders, request and review pertinent policies, standards, procedures, KRI metrics, and other documents, walk through relevant processes and control environments.
Determine and propose appropriate test activities and develop engagement scope memos.
Develop test scripts and recipe cards.
Request and validate receipt of relevant data and samples for testing.
Identify and escalate potential test findings.
Propose action plans and remediation requirements.
Prepare test reports.
Coordinate with Technology Risk testing personnel globally to track the progress of the test plan for reporting to senior management.
Track status of corrective action plans agreed upon with the business
Track internal audit reviews and findings and review internal audit work-papers to identify opportunities to leverage their reviews for Technology Risk testing reviews
Remain current on industry rules, regulations, and best practices to make recommendations to the testing program.

Skills required (essential)

8+ years audit/risk/compliance experience in the financial services industry, a regulator, or a self-regulatory organization.
Experience in executing/conducting Technology reviews.
Knowledge of global regulatory requirements like GLBA, GDPR, Part 30 Information Security, NYDFS etc. and technology control standards like NIST, FFIEC, COBIT, CIS etc.
Strong analytical, organizational, and problem-solving skills.
Investigative skills - inquiry and analysis, interviewing, testing, risk assessment capabilities
Ability to prioritize and work effectively on multiple reviews with different individuals at the same time.
Ability to work independently, as well, as in a team.
Ability to work with staff of all levels across departments.
Must have excellent written and oral communication skills.
High degree of organization and attention to detail.
Proficiency with Microsoft Word, Excel, PowerPoint, Adobe, SharePoint, Bloomberg

Skills desired

Chartered Accountant (CA) or Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC) designations are highly desirable.
BA/BS required with a concentration in Computer Science or Information Technology or Cyber Security
Other relevant industry certification in the Technology field (e.g. CISSP, cloud certifications, etc.) are a plus

Coverage

Monday to Friday from 11:30 AM to 8:30 PM. Coverage is dependent on business needs so flexibility on required finish time or full day's coverage may be required during some Indian holidays.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 85 years. At our foundation are five core values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - that guide our more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you'll find trusted colleagues, committed mentors and a culture that values diverse perspectives, individual intellect and cross-collaboration. We Firm is differentiated by the caliber of our diverse team. While our company culture and commitment to inclusion define our legacy and shape our future, helping to strengthen our business and bring value to clients around the world. Learn more about how we put this commitment to action: morganstanley.com/diversity. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry.

We're committed to bringing passion and customer focus to the business.

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.

Coverage for Audit Jobs
• Monday to Friday from 12:00PM to 9:00PM India time with flexibility on standard working hours for time sensitive matters.
• Periodic evening calls with US and EMEA Internal Auditors and auditees.