Cloud Security Engineer

Company Profile:

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in more than 42 countries, the Firm's employees serve clients worldwide including corporations, governments, institutions, and individuals. For further information about Morgan Stanley, please visit

The mission of Cyber Data Risk & Resilience (CDRR) is to deliver first‑line defences to manage risks to Firm technology, information and cyber threats through risk identification, control management and assurance. This enables the business to operate and grow in a secure and legally compliant manner. Our vision is to deliver programs that protect and enable the business, ensure secure delivery of services to our clients, adjust to address the risks presented by an evolving threat landscape, meet regulatory expectations, and offer highly attractive career opportunities.

The Cloud and Platform Security team securely enables the firm to leverage cloud‑native services at enterprise scale. This team designs the security requirements that must be adhered to in cloud as well as builds the tooling and automation needed to provide enterprise capabilities to protect the firm and make securing workloads easier for application teams. The team is currently looking for a Cloud Security Requirements Specialist for Artificial Intelligence and Machine Learning Services.

The successful candidate will develop security requirements for AI & ML cloud services to be implemented by dedicated cloud security engineering teams. The successful candidate will work with some of the best professionals in the business, for a firm that values individual intellect as much as teamwork.

• Carry out in‑depth security research and testing of cloud services across Microsoft Azure, AWS and GCP.
• Develop firm‑wide security requirements that enable the secure use of cloud services at massive scale.
• Collaborate closely with engineering teams to understand use cases and stakeholder requirements.
• Identify areas of risk on projects where security requirements cannot be fully addressed in the required time frame of the project. Identify and propose mitigating controls as necessary.
• Document and present risks to senior business, IT and Security team members.
• Provide security expertise to engineering and development teams, acting as a project team lead providing consulting advice and ensuring security requirements are implemented in a scalable, reusable way.

• Bachelor’s degree in computer science, Information Security, or a related field, or equivalent 5-7 years of practical experience.
• Strong Information Security background with extensive hands‑on experience.
• Experience hardening cloud resource configurations to comply with internal and external regulations and controls.
• Detailed knowledge of cloud architectures and related security technologies (IAM, DLP, configuration assurance, security automation, GRC, etc.).
• In‑depth knowledge of cybersecurity threat types, their composition and mitigation techniques.
• Proficiency in at least one of the major Cloud Service Providers (GCP, AWS, Azure).
• Strong critical thinking ability and cybersecurity mindset.
• Ability to write documentation for all types of audiences, from very specific technical guides to higher level research on technologies and vendors.
• Excellent communication / interpersonal skills to be able to interact at all levels & be effective as part of a broader team, capable of taking broad objectives and create and execute a concrete plan.
• Ability to manage expectations and handle high‑pressure situations with tight deadlines.
• Experience in an Information Security role in an enterprise environment.
• Ability to quickly adapt to changing priorities and demands.
• Ability to work independently and self‑motivate.

We are committed to maintaining the first‑class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values – putting clients…