Security Ops (Operations (Tech))

Morgan Stanley ,
Glasgow, City of Glasgow

Overview

Job Description

Company Profile Morgan Stanley is a global financial services firm and a market leader in investment banking, securities, investment management and wealth management services. With offices in more than 43 countries, the people of Morgan Stanley are dedicated to providing our clients the finest thinking, products and services to help them achieve even the most challenging goals. As a market leader, the talent and passion of our people is critical to our success. We embrace integrity, excellence, team work and giving back. Technology The Technology division partners with our business units and leading technology companies to redefine how we do business in ever more global and dynamic financial markets. Our sizeable investment in technology results in leading-edge tools, software, and systems. Our insights, applications, and infrastructure give a competitive edge to clients businesses and to our own. Enterprise Technology & Services (ETS) delivers shared technology services for the Firm supporting all business applications and end users. ETS provides capabilities for all stages of the firm's software development lifecycle, enabling productive coding, functional and integration testing, application releases, and ongoing monitoring and support for over 3,000 production applications. ETS also delivers all workplace technologies (desktop, mobile, voice, video, productivity, intranet/internet) in integrated configurations that boost the personal productivity of our employees. Application and end user services are delivered on a scalable, secure, and reliable infrastructure composed of seamlessly integrated datacentre, network, compute, cloud, storage, and database services. Position Description We are seeking to add an experienced Web Security subject matter expert to join our Web Security Operations team in Glasgow. The team is responsible for the day-to-day operations, security, and health of Morgan Stanley's web infrastructure on which thousands of web applications run. The specialist will act as a subject matter expert for web security, handle operational escalations from our L2 teams, respond to incident management notifications, as well as in delivering robust, effective solutions covering our internet perimeter and external content delivery network providers. Responsibilities * Provide Level 3 Operations support for a global perimeter Web proxy and Web security enterprise infrastructure. * Maintain Web security infrastructure, providing stability by developing tools, policies, processes and procedures for the operations teams. * Provide a secure environment, by implementing controls to manage and mitigate risks. * Develop automated metrics reporting capabilities. * Create, review, maintain and update documentation including Documenting & Publishing fixes in central knowledge base. * Work with global colleagues to provide globally consistent processes and solutions. * Investigate & Troubleshoot root causes when escalated from operations. * Escalate and liaise with additional internal/external groups when required. * Input into Business Continuity Planning and Practices. * Intergration and testing, and deployment of Web Proxy technologies with leading network DLP or Malware scanning solutions. * Collaborating with leads responsible for web and application servers, load-balancers and web authentication infrastructure * Working with colleague subject matter experts in the wider organization who administer networks, logging, application architecture and other complementary technologies. * Drive determination and implementation of security best practice in our web platforms and infrastructure * Research into vendor and open source solutions in the web security space, and determination of their place in our overall solution * Interfacing with technical contacts at external vendor providers and other internal teams to ensure a holistic solution is delivered and enhanced * Training operations L2 personnel, application support groups in tools, technologies and procedures. Skills Required * Moderate-Advanced proxy experience required including engineering of flows via proxy and client access for troubleshooting; Bluecoat ProxySG Appliance experience preferred. * Must know how to integrate external services with proxies via ICAP, proxy chaining, service offloads, etc. * Moderate cloud security experience across at least a couple of the more cloud providers (Azure, O365, AWS, etc.)Excellent understanding and experience architecting and implementing Web security solutions * Good understanding on Web Proxy infrastructure serving various application layer protocols such as HTTP/HTTPs/SOCKS/FTP/ICAP * Scripting and Development Skills (Perl, Python or Shell). * Moderate Linux Sysadmin experience. * Interpersonal Skills - Communication, flexibility, self-driven, team player * Strong general networking background (Firewalls, Routing, Load Balancing, OSI Model, Packet trace and analysis, etc.) * Good understanding of the protoco