We're seeking someone to join our team as a Senior Security Architecture Specialist in Cyber to be responsible for the security design tooling standards across the firm translating compliance obligations into operable, developer friendly architecture patterns, while directly operating the design governance toolchain that makes those standards real.

In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities. This is a Software Engineering position at Vice-President level, which is part of the job family responsible for developing and maintaining software solutions that support business needs.

Since 1935, Morgan Stanley is known as a global leader in financial services, always evolving and innovating to better serve our clients and our communities in more than 40 countries around the world.

Interested in joining a team thats eager to create, innovate and make an impact on the world? Read on

What you'll do in the role:

Architecture governance

• Steward the security architecture standard across all verticals ADRs, threat models, trust boundaries, and control plane design

• Produce compliance traceability artifacts mapping architecture decisions to compliance requirements

• Drive cross team architecture through influence with principal engineers and engineering leads

• Support security standards, create templates and patterns to increase the efficiency and adoption of security programs.

Living Spec & Design Governance

• Operate and evolve the design governance toolchain

• Define the ADR lifecycles from creation to deprecation and ensure decision records remain the authoritative reference for architecture choices

• Build integrations between spec platform and dev tooling to make compliance traceability continuous, not periodic

What you'll bring to the role:

• Bachelors degree with 7+ years of work experience in the IT field or equivalent.

• Demonstrated experience designing and governing SDLC security controls at scale SAST, SCA, OSS governance, and container scanning.

• Hands-on experience with policy as code frameworks (OPA, Sentinel, or equivalent) and the ability to review and write policies, not just evaluate vendor tooling.

• Experience producing architecture decision records, threat models, or equivalent design governance artifacts that served as authoritative references for engineering teams.

• Strong written and verbal communication, ability to translate architecture decisions into compliance traceability artifacts and executive-facing recommendation documents.

• Track record of driving adoption through influence.

• Strong scripting background (Python, PowerShell).

Desired Skills:

• A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field.

• Business acumen to support the implementation of SAST, DAST, SCA, Container Security, API Security and IaC tools across the enterprise.

• Ability to perform code reviews with minimal assistance.

• A self-starter, with a strong desire for learning new technologies and applying them to solve problems.

• Expertise in monitoring, alerting, reporting, and data analysis.

• Experience with two or more of the application build environments like Jenkins, Gradle, Maven.

• Familiarity with public cloud services.

• Experience with two or more of the Secure SDLC tools like Github Advanced Security, Snyk, WhiteSource, Sonatype, X-Ray, Wiz.

• Experience with Threat Analysis.

• DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc.).

• Experience with evaluation, integration and onboard of application security tools.

At Morgan Stanley Montreal, we support the Firms global businesses and infrastructure with cutting edge technology and innovation. The multi-faceted and highly technical Montreal team plays a critical role in building and maintaining our leading technology platform, including electronic trading, algorithm trading, cloud engineering, infrastructure, cybersecurity and AI/ML. Morgan Stanley has been rooted in the Montreal community since 2008 and is considered a leading employer among the areas highly skilled technology talent. Theres ample opportunity to move across the businesses for those who show passion and grit in their work.

All our positions are located in Montreal, Quebec. We offer a hybrid work environment, combining remote work and attendance in the office.

Knowledge of French and English is required.

Build a career with impact. Visit morganstanley.com for more information.

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

At Morgan Stanley, we raise, manage and allocate capital for our clients helping them reach their goals. We do it in a way thats differentiated and weve done that for 90 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - arent just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, youll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. Theres also ample opportunity to move about the business for those who show passion and grit in their work.

To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser.

Morgan Stanley is an equal opportunity employer committed to building and maintaining a workforce that is diverse in experience and background. Our recruiting efforts reflect our strong commitment to a culture of inclusion, where individuals are hired, developed, and advanced based on their skills and talents.

Our workforce reflects a broad cross-section of the global communities in which we operate, bringing a variety of backgrounds, talents, perspectives, and experiences.

For more information, please visit: https://www.morganstanley.com/people-opportunities/eeo.