Internal Audit Director - Non-Financial Risk (Compliance) Technology

Were seeking someone to join our team as a Director to provide audit coverage for application controls and system infrastructure used in support of Non-Financial Risk (Compliance and Global Financial Crimes) Technology audit. The Internal Audit Division (IAD) drives attention and resources to vulnerabilities by providing an independent and well-informed view and impactful messages about the most important risks facing our Firm.

This is accomplished by performing a range of assurance activities to independently assess the quality and effectiveness of Morgan Stanley’s system of internal control, including risk management and governance systems and processes. IAD serves as an objective and independent function within the Firm’s risk management framework to foster continual improvement of risk management processes. This is a Director level position within Technology Audit, which is responsible for inspecting controls in in the applications that support all three lines of business Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions and individuals around the world achieve their financial goals.

Location: New York, NY (Hybrid 3x per week in office) Interested in joining a team thats eager to create, innovate and make an impact on the world? Read on What youll do in the role: • Help identify risk and impact to relevant coverage area to prioritize areas of focus • Execute and lead aspects of assurance activities (e.g., audits, continuous monitoring, closure verification) to assess risk and formulate a view on the control environment • Facilitate conversations with stakeholders on risks, their impact and how well they are managed in a clear, timely and structured manner • Assist in managing multiple deliverables in line with team priorities • Solicit and provide feedback and participate in formal and on-the-job training to further develop self and peers • Execute planning, testing and reporting phases of the integrated audit engagements and provide audit coverage for application controls and system infrastructure used in support of Compliance and Global Financial Crimes (GFC) business processes • Understand, analyze, and test automated controls over application processing integrity, data quality, agile change management, application and system security, production management, and system resiliency What youll bring to the role: • At least 4 years relevant experience would generally be expected to find the skills required for this role • Understanding of business line and key regulations relevant to coverage area • Strong understanding of audit principles, methodology, tools and processes (e.g., risk assessments, planning, testing, reporting and continuous monitoring) • Ability to identify and analyze multiple data sources to inform point of view • Ability to ask meaningful questions, understand various viewpoints and adapt messaging accordingly • A commitment to practicing inclusive behaviors • Bachelors Degree (Computer Science or IT related preferred) • CISA, CISSP or CPA certification a plus