Placement and Duration
The Technology Summer Analyst (Cybersecurity) Program is a 10-week program beginning in June that provides an intensive hands-on introduction to the Technology Division and Cybersecurity at Morgan Stanley. The program is designed to offer a real-world, project-based experience of what it’s like to be a Cybersecurity technologist for a top financial firm.
The mission of the global Technology Division is to provide a highly reliable and commercial technology platform, which supports the Firm’s strategy, delivered by an innovative, world-class team of professionals. Technology Risk (TR) is part of the global Technology organization and manages operational and technology related risks on behalf of the Firm. The group’s key principles are to provide proactive, comprehensive and consistent risk management, to enable the execution of the Firm’s strategy. TR’s mandate is to enable the Firm to manage its technology and data related risks through implementing proactive, comprehensive and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The TR team partners with the business by ensuring that Technology understands how to manage escalate and monitor risk.
Morgan Stanley’s state-of-the-art Cybersecurity Fusion Center (Fusion) is charged with orchestrating prevention, detection, and response to cyber events that threaten the Firm’s clients, assets, and reputation. Partnering with key stakeholders across Technology and the business, Fusion manages cyber events from detection through response to resolution, and serves as the Firm’s focal point for cyber communications and reporting. Fusing together information received externally from our partners and internally from our detection and analytics teams to enable rapid decision-making, Fusion is the cornerstone of the Firm’s agile and adaptive cyber defense strategy – enabling the Firm to rapidly align our defensive capabilities to adapt to changing adversary tactics.
The Summer Analyst program includes a Firmwide orientation to Morgan Stanley’s businesses and division specific training. Your training will continue throughout the summer with structured learning sessions run by senior executives. Similarly, you will have many opportunities to integrate with peers and senior colleagues through a series of networking, social, and charity events.
As a Summer Analyst, you will be placed into either of the teams below. Team placement will be determined based on a mutual fit, taking into consideration your interest and skill set.
Fraud & Cyber Analytics: The global Fraud & Cyber Analytics team plays a critical role in the detection of cyber threats against the Morgan Stanley network. As part of the Threat Hunt function, team members will contribute to the delivery of a suite of advanced external and internal monitoring capabilities to enable real time threat detection delivered to incident response teams.
Responsibilities may include:
• Analyze security logs to look for indicators of attack and compromise, and threat activity patterns
• Research on latest threat actor tactics, techniques and procedures for analytic development potential
• Develop specific, cutting edge analytics to detect malicious activity in our technology environment
• Engage with stakeholders to identify opportunities to tune existing analytics
Cyber Incident Response Team: The global Cyber Incident Response Team (CIRT) is a 24/7 operation with members in key geographical locations, performing incident response and remediation, campaign assessments, network and host based forensics. Security Analysts work core hours in their region with an on-call rotation for critical incidents.
Responsibilities may include:
• Investigate cybersecurity incidents and threats
• Engage with stakeholders and leadership teams as part of the response and remediation efforts
• Improve the detection, escalation, containment and resolution of incidents
• Enhance existing incident response methods, tools, and processes
• Maintain knowledge of technologies and the threat landscape
Qualifications / Skills / Requirements
• You are an undergraduate, Masters or Ph.D. student and graduating between December 2022 and July 2023.
• Computer Science, Computer Engineering, Mathematics, Data Analytics or other technical / quantitative majors preferred.
• A genuine interest in cybersecurity.
• You have experience with at least one programming language or scripting language: e.g. Python, C++ or Java.
• You have operating system knowledge (Windows and Unix).
• You are detail oriented, and a critical thinker who can anticipate issues and solve problems.
• You have excellent problem-solving, communication, teamwork, and analytical skills.
• You are fluent in English.
• Experience in the Financial Services sector is not required.
Application Process and Deadline
Please apply by Sunday, 26th September 23:59 HKT.