×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Cyber Security Non-Financial Risk Manager - Associate

Job in Hungary, Connecticut, USA
Listing for: Morgan Stanley
Full Time position
Listed on 2025-12-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below
Location: Hungary

Non-Financial Risk Manager - CTIS - Associate

We're seeking someone to join our team as a Non-Financial Risk Manager - CTIS - Associate.

The cornerstone of Morgan Stanley's risk management philosophy is the execution of risk‑adjusted returns through prudent risk‑taking that protects Morgan Stanley's capital base, liquidity and franchise. Non‑Financial Risk (NFR) refers to the risk of actual or potential economic, reputational, regulatory, financial reporting and client impact, resulting from inadequate or failed internal processes, people, and systems, or from external events impacting the full scope of its business activities, including revenue‑generating activities and infrastructure groups.

NFR is part of the Second Line of Defence providing independent oversight and challenge to management across compliance and operational risks. Given the nature and breadth of operational risk, operational risks are managed at multiple levels e.g. Firmwide, as well as Regional, Business Unit, Infrastructure Group, Control Function and Legal Entity.

The NFR Cyber, Technology and Information Security (CTIS) Department is focused specifically on managing cyber, technology and information security risks. NFR CTIS brings together rules management, standard setting, assessing risk, process and controls by technology domains, advising the business, and an oversight and testing function to provide a comprehensive risk management decision for cyber, technology and information security related risks. Cybersecurity, Information Security and Technology risk management is critical to ensure the confidentiality, integrity and availability of Firm Information, Systems and Assets.

Cybersecurity risk refers to managing and protecting the Firm's information assets and operations from cyber threats, e.g., cyber events or attacks resulting from inadvertent or intentional acts involving deception, falsification, destruction, etc. Information Security risk refers to protecting the confidentiality, integrity and availability of Firm's information and systems, e.g., internal and external threats that could result in unauthorized disclosure, misuse, alteration or destruction of confidential information and systems.

Technology risk refers to ensuring and protecting the availability, stability, capacity and recovery capabilities of the Firm's key systems, e.g., loss, damage or business disruption resulting from inadequate or failed processes, people and systems or from external events.

Morgan Stanley is seeking a Risk professional to join the Cyber, Technology and Information Security (CTIS) Oversight Department within the Non‑Financial Risk Organisation in Budapest at the Associate level. CTIS Risk Oversight is the practice of monitoring risks related to the confidentiality, availability and integrity of the Firm's systems and information including associated processes and controls. The successful candidate will be responsible for the monitoring of risks and controls around the Firm's CTIS.

Since 1935, Morgan Stanley is known as a global leader in financial services, always evolving and innovating to better serve our clients and our communities in more than 40 countries around the world.

What you'll do in the role:
  • Review & Challenge:
    Review risk‑management activities performed by first line of defense (1L), and challenge the effectiveness of existing controls and mitigation strategies.
  • Metrics, Risk Reporting & Monitoring:
    Regularly monitor and assess the effectiveness of risk‑management activities. Highlight key risks and the status of risk mitigation efforts. Review metrics and escalation reports to monitor risk and control‑related developments, issues and trends.
  • Emerging Threat Oversight:
    Keep a close eye on emerging security threats and vulnerabilities and advise 1L on adjustments or enhancements to risk‑management practices to address new challenges.
  • Incident Response Oversight:
    Provide oversight of incident response activities, ensuring that risk‑management considerations are incorporated into the response process, and assist with post‑incident risk assessments.
  • Security Awareness & Culture:
    Promote a culture of cybersecurity…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search