Lead Incident Response Automation Developer

Morgan Stanley,
Glasgow, City of Glasgow

Overview

Job Description

Company Profile

Morgan Stanley is a global financial services firm and a market leader in investment banking, securities, investment management and wealth management services. With offices in more than 43 countries, the people of Morgan Stanley are dedicated to providing our clients the finest thinking, products and services to help them achieve even the most challenging goals. As a market leader, the talent and passion of our people is critical to our success. We embrace integrity, excellence, teamwork and giving back.

Department Profile

The mission of the Global Technology Department is to provide a highly reliable and commercial technology platform, which supports the Firm's strategy, delivered by an innovative, world-class team of professionals. Technology & Information Risk (TIR) is part of the global Technology organization. Its mission is to enable proactive, comprehensive, and consistent technology and information-related risk management practices across the Firm and to protect Firm information, systems, and associated infrastructure from cyber threats.

Role Profile

This is a developer role in the CIRT team focused on the development of the tooling to support the Incident Response teams, including the drive to automation. This role will be focused on platform and framework development in support of the CIRT team, including development of the Firm's SIEM and automation engines supporting day-to-day incident handling. The role will include the development, upkeep and continuous improvement of an internally developed case management platform, as well as spearheading the development of supporting automation engines aimed at full runbook automation.

Primary Responsibilities

- Design, develop and deploy software using Python that is highly performant, scalable, and extensible
- Design, develop and deploy automation playbooks using internally developed software
- Work closely with the CIRT and technology teams to understand requirements and convert them into functional, high-quality software features
- Develop and maintain SIEM frameworks, automation engines and API integrations with external applications
- Maintain hygiene of the platform infrastructure across all environments by developing in a test-driven manner
- Provide escalation support for production platforms through health monitoring and root-cause troubleshooting
- Support operations in their efforts to deliver a consistent and performant production platform
- Participate in technology evaluations and play an active role in suggesting improvements based on technology trends, best practices, and industry standards

Skills required

- Minimum 4 years of previous experience in developing multi-tier applications
- Confidence developing highly integrated systems using REST and SOAP web services and message queues
- Knowledge of the Python programming language
- Experience of Jinja templates and Ansible
- Experience with Splunk
- Clear understanding of reactive, functional and object-oriented programming fundamentals
- Knowledge of multi-threading and distributed computing
- Familiarity with the software development lifecycle
- Quick learner, self-motivated, maintains a high standard of professional conduct and practice
- Flexible and self-driven team player, assisting and mentoring members when required
- Strong task management and organizational skills to ensure balance and timely completion of ongoing efforts

Skills desired

- Sound SDLC practices using systems such as JIRA and GIT/Stash
- Experience with developing, delivering and supporting software for Linux (or another UNIX) operating system ...