Application Security and Data Discovery Lead - Vice President

The Wealth Management (WM) Chief Data Office (CDO) sits within the WM Risk organization and strives to find the right balance between risk management and business enablement. WM CDO’s mission is to: prevent unauthorized access to or misuse of client sensitive data and assets; abide by relevant privacy laws and regulations; effectively retain, retrieve, and protect information and records at the Firm; and mitigate risks caused by inaccurate, untimely, or incomplete WM data.

The WM Application and Infrastructure Security Team within WM CDO works to ensure that our clients’ Personally Identifiable Information (PII) is stored securely and appropriate controls are applied across all technology assets handling sensitive data.

Role Description:

The WM Application and Infrastructure Security Team seeks a Vice President to lead the enhancement of capabilities for identifying sensitive data risk across the WM technology estate. This individual will drive the strategy and execution of scanning solutions to identify PII across databases, files at rest, web and email traffic, managed file transfer platforms, and other channels handling sensitive data. The successful candidate will bring deep knowledge of data discovery and scanning techniques, including Exact Data Matching (EDM), as well as familiarity with text extraction capabilities and the evolving Artificial Intelligence (AI) landscape, including Large Language Models (LLMs).

In addition to leading sensitive data identification efforts, this role will serve as a cybersecurity risk officer for WM applications. The individual will work with central cyber, infrastructure, and application engineering teams to triage risks identified against the WM business risk appetite. This will include serving as the central point for vulnerability findings, application architecture risks, and SDLC concerns—among other standard cybersecurity risk management practices—ultimately balancing risk remediation against WM business objectives.

Key Responsibilities:

• Leading the strategy, design, and implementation of PII discovery and scanning capabilities across databases, file repositories, web and email traffic, managed file transfer platforms, and other sensitive data channels
• Serving as a subject matter expert on enterprise scanning and detection techniques, including EDM, content inspection, and text extraction approaches for structured and unstructured data
• Designing AI/LLM capabilities for improved data identification, classification, and risk detection across the estate
• Partnering with application, infrastructure, messaging, and file transfer stakeholders to onboard scanning controls, expand coverage, and address control gaps
• Identifying and assessing risks related to sensitive data handling, including application architecture weaknesses, SDLC issues, vulnerability management gaps, and control design deficiencies
• Developing a strategy to leverage structured data scan results and reduce risk across all WM applications
• Serving as the business owner for relevant scanning and monitoring initiatives, ensuring technology squads deliver effective products and capabilities
• Liaising with Morgan Stanley’s central cybersecurity organization to interpret control requirements and apply them effectively within the WM environment
• Defining and tracking metrics related to scanning coverage, findings, remediation progress, and residual risk
• Providing leadership and subject matter expertise to junior team members and helping drive consistent execution across the function

Qualifications:

• 7-10 years of relevant experience in cybersecurity, data security, or a related field
• Experience with enterprise data discovery, classification, or scanning capabilities across multiple technology domains
• Demonstrated usage and/or comfort leveraging LLMs in an enterprise environment
• Strong knowledge of scanning techniques, including EDM
• Understanding of databases, files at rest, web and email traffic inspection, and managed file transfer systems in large enterprise environments
• Strong understanding of common application architecture and software development practices
• Solid foundation in cybersecurity principles, including vulnerability management, secure SDLC concepts, and architecture risk identification
• Ability to partner with stakeholders and drive complex initiatives to completion in a large matrixed organization
• Excellent written and verbal communication skills, with the ability to communicate at all levels within the organization
• Exceptional critical thinking, problem-solving, and research skills
• Ability to independently manage multiple, simultaneous workstreams and exhibit strong attention to detail

Preferred Qualifications:

• Experience with text extraction, document parsing, or other techniques used to analyze unstructured data at scale
• Experience serving as a business owner or leading cross-functional delivery efforts for security or risk-related technology initiatives
• Experience with scripting, automation, or data analysis tools such as Python, SQL, or similar technologies

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

At Morgan Stanley, we raise, manage and allocate capital for our clients – helping them reach their goals. We do it in a way that’s differentiated – and we’ve done that for 90 years.  Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work.

To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices​ into your browser.

Expected base pay rates for the role will be between $110,000 and $190,000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.

Morgan Stanley is an equal opportunity employer committed to building and maintaining a workforce that is diverse in experience and background.  Our recruiting efforts reflect our strong commitment to a culture of inclusion, where individuals are hired, developed, and advanced based on their skills and talents.

Our workforce reflects a broad cross-section of the global communities in which we operate, bringing a variety of backgrounds, talents, perspectives, and experiences.

For more information, please visit: https://www.morganstanley.com/people-opportunities/eeo.

For more details click Job Post.