Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm’s employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
As a market leader, the talent and passion of our people are critical to our success. Together, we share a common set of values rooted in integrity, excellence and a strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career – a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.
Technology works as a strategic partner with Morgan Stanley business units and the world’s leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley’s sizeable investment in technology results in quantitative trading systems, cutting-edge modelling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients’ businesses—and to our own.
Morgan Stanley is seeking a Cyber Incident Responder to join our Computer Emergency Response Team (CERT). The role will perform incident response, campaign assessments, intelligence collection, as well as network- and host-based forensics.
Investigates cyber security incidents and threats
Adds context to threat indicators to convey urgency, severity, and credibility
Improves the detection, escalation, containment and resolution of incidents
Collects and analyzes network- and host-based forensic artifacts
Maintains knowledge of threat landscape
Participates in the incident response on-call rotation
This position requires experience performing incident response and computer forensics using IDS, SIEM, and related security tools. The successful candidate will be a detail-oriented critical thinker who can anticipate issues and solve problems. This individual should be able to analyze large data sets to detect underlying patterns. Experience in an operational environment such as SOC, CSIRT, CERT, etc. is preferred.
Computer security incident response and intrusion analysis
Analysis of logs, security events and network packets
Host and Network Forensics
Strong understanding of security at network and application layers
In-depth knowledge of information security threat types, their composition, and IOCs
In-depth knowledge of attacker tactics, techniques, and procedures (TTPs)
Knowledge of security event management, network security monitoring, log collection, and correlation
Knowledge of security tools such as SIEM, IDS/IPS and their integration with Windows, Unix/Linux systems, networking, and databases
Excellent writing and presentation skills to communicate findings
Ability to develop and maintain professional contacts in the security community
Bachelor's Degree in Cyber Security, Computer Science or equivalent experience
3+ years of hands-on experience monitoring key security infrastructure elements, identifying security events, performing analyses, and initiating response activities
3+ years of hands-on experience investigating common types of attacks
3+ years practical experience with security technologies like firewalls, IDS/IPS, SIEM, and vulnerability management
Hands-on experience developing and tuning SIEM use cases, correlation rules, and other content
Desired skills and experience
Knowledge of multiple operating systems (Windows, Linux, OSX)
Scripting (Python, Bash, Perl, or PowerShell)
Development and tuning of SIEM use cases, correlation rules, and other content
In-depth knowledge of security event management, network security monitoring, log collection, and correlation.
Experience in the financial industry