Immediate Require Application Security Engineer

Job Description

*About Us Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. We advise, originate, trade, manage and distribute capital for governments, institutions, and individuals. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. We provide you a superior foundation for building a professional career where you can learn, achieve and grow.Technology/Role/Department at Morgan Stanley The mission of TECHNOLOGY & OPERATIONS RISK is to deliver first-line defenses to manage risks to Firm technology, information and cyber threats through risk identification, control management and assurance. This allows the business to operate and grow in a secure and legally compliant manner. Our vision is to deliver Programs that protect and enable the business, ensure secure delivery of services to our clients, adjust to address the risks presented by an evolving threat landscape, meet regulatory expectations, and offer highly attractive career opportunities. The Enterprise Security Platforms (ESP) team is - amongst other things - responsible for developing and engineering the Firm s core security controls. The technology and solution stack spans all Firm employees as well as external clients of the Institutional Security and Wealth Management Businesses. It consists of home-grown software, 3rd party software, open-source products, appliances, and auxiliary services and solutions. We are looking for highly skilled cyber engineers with experience in Security tools, good experience in Penetration testing and integrating security tools to CICD pipeline. Application Security engineers are responsible for analyzing user requirements and business objectives, determining security features and functionality, and recommending changes to existing applications, among other duties. Engineers need to compile detailed technical documentation and user assistance material, requiring excellent oral/written communication. The candidate will be part of the global team with global responsibilities of the below:Job Responsibilities: Analyze communicated requirements and come up with tech design. Engages with application teams during remediation phase to help application teams to remediate risks by researching and providing the suitable solutions Research, develop tech solutions based on communicated requirements and tech design Enhance existing security solutions prioritized based on feedbacks, issues on PROD, internal discussion etc. Create documentation/support procedures and assist Developers/ Operation/ SRE team for operational work. Enforce software SLDC in the development circle. Support continuous improvement by investigating alternatives and technologies and presenting these for architectural review, *Technical Skills Required Excellent cybersecurity capabilities and strong software engineering skills 7+ years software experience required with at-least 5 years in Penetration testing and developing secure systems. Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response Understanding of security by design principles and architecture level security concepts Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Experience with widely used security tools like BlackDuck Hub, Microsoft Threat modeling tool, SAST (Fortify, Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Contrast, Vulnerability management and continuous monitoring tools. Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP or CISSP (Good to have) Experience and knowledge of penetration testing methodologies and tools Understanding of Agile software development practices Good programming skills in core Java, Python, and cloud technologies Experience of using MIT Libraries, opensource frameworks, and commercial products Hands-on experience with CI/CD tools like (GIT, Jenkins, Team City) Experience of using relational database, like JDBC, SQL, Store Procedure.MUST HAVESBachelor s degree in computer science or software engineering, or equivalent Minimum 7 years of software development experience Minimum 5 years of experience leading global teamsMorgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential.

Keyskills :
firewallnetworkingcustomer relationsidscomputer scienceoperational riskexternal clientswealth managementcommercial modelsuser requirementsinvestment bankingfinancial services