Jobs · Information Technology · New York

Windows Infrastructure Engineer - Vice President

Morgan Stanley · New York, NY · 2 mo ago
Information Technology$150k–$210k/yrFull-time

About the role

The Endpoint Security Team within the CDRR department at Morgan Stanley is responsible for implementing the Firm's Cybersecurity Strategy. This involves architecting, engineering, deploying, and operating technical security controls and capabilities for the Enterprise across on-premises and the Azure platform. The team focuses on protecting desktops, laptops, servers, and cloud resources from malicious internal and external threats.

Responsibilities

  • Implement preventative and hardening controls
  • Enable real-time endpoint detection and response
  • Lead the implementation of AI-enabled security operations capabilities (including Microsoft Security Copilot)
  • Design, develop, and operate solutions that protect enterprise endpoints and the Azure platform
  • Translate security telemetry and analytics into actionable insights
  • Collaborate with Azure platform and security operations stakeholders
  • Operate at large enterprise scale across on-premises and Azure environments
  • Support the Firm's Cybersecurity Strategy through technical security controls

Requirements

  • 10+ years hands-on Enterprise-class Information Technology experience, including security engineering for Windows and cloud platforms (Azure)
  • Strong knowledge of Windows operating system and endpoint internals at 50,000+ endpoint scale
  • Advanced Infrastructure as Code and automation (e.g. Ansible) with Generative AI to streamline playbook creation and infrastructure workflows
  • Competency with scripting/automation languages such as PowerShell, Python, Perl etc., and the ability to codify operational runbooks (including integrating AI-assisted workflows where appropriate)
  • Experience in designing/engineering/architecting new security solutions from proof of concept to production, including Azure-aligned architectures and operational readiness
  • Experience with Enterprise-class endpoint and cloud security technologies, especially within the Microsoft security stack (e.g., Microsoft Defender for Endpoint, Microsoft Defender for Cloud, BitLocker, and related capabilities)
  • Experience with Disk Encryption (e.g. BitLocker) and hardening operating systems
  • Experience with Microsoft Defender for Cloud Apps (and broader Microsoft security ecosystem integrations)
  • Experience with SCCM/Intune for software deployment and endpoint management, and security logging/analytics platforms such as Splunk and/or Microsoft Sentinel/Azure Monitor for dashboards, reporting, and investigation
  • Experience working in a DevOps/SRE aligned team
  • Effective troubleshooting skills across hardware, OS, network, and storage
  • Experience of platform design, build and deployment, with a focus on continual service improvement (CI/CD)
  • Experience of working in an Agile environment
  • Experience with Unix/Linux, and MacOS sysadmin a benefit
  • Experience with API implementations and key management, including HSM-backed designs and/or Azure Key Vault
  • Enterprise security industry certifications (CISSP, SANS, GSEC etc)
  • Solutions Architect Certifications in either AWS and Azure

Qualifications

Passionate about cybersecurity technologies with a continuous-learning mindset, including a drive to evaluate, implement, and mature emerging capabilities like Microsoft Security Copilot in an enterprise environment.

Skills

  • Strong analytical and problem-solving abilities
  • Strong Windows Desktop/Infrastructure/Security knowledge and experience operating at very-large enterprise scale across on-premises and Azure environments
  • Advanced Infrastructure as Code and automation (e.g. Ansible)
  • Competency with scripting/automation languages such as PowerShell, Python, Perl etc.
  • Experience in designing/engineering/architecting new security solutions from proof of concept to production
  • Experience with Disk Encryption (e.g. BitLocker) and hardening operating systems
  • Experience with Microsoft Defender for Cloud Apps (and broader Microsoft security ecosystem integrations)
  • Experience with SCCM/Intune for software deployment and endpoint management, and security logging/analytics platforms such as Splunk and/or Microsoft Sentinel/Azure Monitor for dashboards, reporting, and investigation
  • Experience working in a DevOps/SRE aligned team
  • Effective troubleshooting skills across hardware, OS, network, and storage
  • Experience of platform design, build and deployment, with a focus on continual service improvement (CI/CD)
  • Experience of working in an Agile environment
  • Experience with Unix/Linux, and MacOS sysadmin a benefit
  • Experience with API implementations and key management, including HSM-backed designs and/or Azure Key Vault
  • Enterprise security industry certifications (CISSP, SANS, GSEC etc)
  • Solutions Architect Certifications in either AWS and Azure

Benefits

Comprehensive benefits package including health insurance, retirement plans, and paid time off.

Pay

Base pay rates for the role will be between $150,000 and $210,000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.

Schedule

Full-time position.

Similar jobs