Internal Audit - Third Party Audit - Director

Description

Firm

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Division

Morgan Stanley is seeking an experienced auditor for its Internal Audit Department (IAD). IAD comprises Business, Risk and Technology Auditors; Subject Matter Experts (e.g., Risk, Data Analytics); and support functions that are responsible for ensuring the department adheres to professional, regulatory and Firm policies and procedures. IAD provides independent assurance on the quality and effectiveness of the Firm's internal control, risk management, and governance systems and processes. It achieves this by identifying and assessing the operating risks of the Firm and evaluating the adequacy and effectiveness of the Firm's system of internal control. The division provides opportunity to gain unique insight on the financial industry and its products and operations.

We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes.

Team: Third Party Audit

The role will reside within the Internal Audit's Global Center (GC) — Third Party audit team in Bengaluru. The role includes audit completion and maintaining client relationships within the firm's Third-Party organization covering External Third-Party Vendors (including Contingents and Offsite Delivery Centers) and Inter-affiliate MS Entities. The person in the role will assist the audit team in completing its annual audit plan, audit test design and execution, identifying areas requiring control enhancements, providing recommendations for control improvements and undertaking continuous monitoring of key business activities. Audited functions include Third Party Program Management, Vendor Sourcing, Payments and Outsourcing etc., in coordination with the established IA teams responsible for coverage of Risk, Third Party, Technology and the respective business divisions.

Primary Responsibilities

• Morgan Stanley is seeking a senior IT Audit candidate to cover the Third-Party Risk both in Business and Technology
• Provide business and technology audit coverage in Third Party Risk Management audits through risk assessments, audit planning, testing and reporting.
• Develop an understanding of the areas reviewed and the technology that supports them
• Lead client discussions on key processes and document walkthrough narratives and/or flow charts.
• Identify and evaluate key technology and business Third Party risks.
• Create and execute test procedures to assess the designated control environment, and clearly document results in line with internal documentation standards.
• Assist in the identification and documentation of reportable issues and participate in presenting and communicating issues to management.
• Manage audits to ensure timeliness of completion.
• Maintain ongoing communication with Business and Technology management to follow-up on previously identified audit issues.
• Participate in the periodic continuous monitoring of Third-Party Program and Risk management activities, analyze and document risk assessments.
• Assist Audit Coverage Managers in developing audit planning documents, test programs and execute against plans within specified budgets and lead certain aspects of audits/reviews. Also act as Audit Coverage Manager for audits as required.
• Lead / participate in continuous monitoring and risk assessment of key business processes to drive risk-based audit plan.
• Communicate audit findings to the Internal Audit coverage managers and senior client management.
• Identify and evaluate key risks surrounding Firm's Third-Party Risk Management programs and policies
• Participate in strategic initiatives and projects to enhance our audit approach and coverage.
• Develop good working relationship with stakeholders, auditees and broader Internal Audit Department.

Knowledge and Skills required

Morgan Stanley is seeking a strong Audit candidate who should be able to complete risk assessments and work within a team, to plan, execute and review audit tests/tasks assigned and report findings during Business/ Technology audits.

Knowledge and Skills

• Understand audit scope, prepare audit planning documentation, plan and lead walkthroughs and audit testing.
• Understand the financial services sector especially around outsourcing, operational risk, vendor management and governance and related regulations as applicable to Financial Services companies and understand the key risks and controls that are prevalent in this area.
• Strong Risk Mindset — Ability to identify risks in day-to-day processes and understand mitigating controls
• Team player with ability to work independently in a fast-paced environment and within a small team setting.
• Keen attention to detail and demonstrated strong analytical skills in identifying and analyzing key risks.
• Strong verbal and written communication skills.
• Familiarity with COBIT, SOX, NIST and FFIEC
• Strong understanding of IT general controls and ability to identify key system automated controls.
• Strong understanding of risks and ability to identify and relate technology risk to business risks in integrated audits.
• Team player with ability to work independently in a fast-paced environment and within a small team setting.

Qualifications and Experience

• Masters/ Bachelor's in Computer Science, Information Technology Management, Information Security, Technology Risk & Control Assurance etc. from a reputed institute.
• Industry relevant certifications like CISA, CISM, CRISC, CISSP, etc. will be an added advantage.
• Minimum 8-11 years of experience (relevant experience) in Internal Audit, Risk Management or Control functions within Financial Services
• Good understanding of the Internal Audit processes (e.g., risk assessments, planning, testing, reporting and continuous monitoring) (Required).

Coverage

• Monday to Friday from 12:00PM to 9:00PM

For further information, and to apply, please visit our website via the “Apply” button below.