Division: Legal and Compliance Division Job Title: Non-Financial Risk Technology Risk Test Manager Job Level: Vice President Morgan Stanley Overview: Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firms employees serve clients worldwide including corporations, governments, and individuals from more than 1,200 offices in 43 countries. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence, and strong team ethic. Legal and Compliance Division Overview: The professionals in the Legal and Compliance Division LCD provide a wide range of services to our business units. LCD is made up of the Legal, Regulatory Relations, and Non-Financial Risk departments which preserve the firms invaluable reputation for integrity and protect the firm from sanctions with policies and procedures that are designed to meet regulatory requirements around the world. We also strive to maintain cooperative relationships with governmental policy makers and the regulatory and self-regulatory agencies that govern the firms businesses. Non-Financial Risk Organization Overview: The second- line of defense Non-Financial Risk 2L NFR organization includes the Compliance, Global Financial Crimes, and Operational Risk departments and provides a single, comprehensive, and consistent second-line view of these non-financial risks. Non-Financial Risk encompasses risks which are not financial in nature, and could have a potential economic, reputational, regulatory, financial reporting, or client impact from (i) failed or inadequate processes, data, or controls; ii) infrastructure or environmental factors; or iii) intentional or inadvertent actions of employees or external parties. The 2L NFR organization partners with the first-line business units to advise, train, manage, report, identify, analyze, and escalate non-financial risks. 2L NFR Testing Program Overview: The 2L NFR Testing Program is one of several component parts in the wider NFR Oversight Assurance Framework. The Program is comprised of a Central NFR Testing Team, an NFR Oversight Governance Team, and several Coverage Testing Teams aligned to the Firms primary business Divisions and to several enterprise disciplines. Role Overview: The candidate will join the 2L NFR Testing Program as a member of the Technology Risk Testing team and will perform a combination of fieldwork supervisory and test execution duties. This role reports to the Global Head of Technology Risk Testing and requires in-office attendance of 3 days/week. Primary Responsibilities: Assist in the development and maintenance of the annual technology testing plan. Manage a team of technology risk testing personnel; monitor capacity and distribute work assignments to ensure timely delivery of assigned engagements. Develop and deliver engagement announcements. Review, approve, and deliver engagement scope memos. Lead engagement kickoff meetings for stakeholders; lead periodic engagement progress updates. Supervisory fieldworkOversee the day-to-day operations of the teams testing activities: o Review and approve new test scripts and recipe cards. o Review technology risk testing personnel workpapers. o Review and disposition potential technology risk test findings; engage stakeholders accordingly. o Review proposed action plans and remediation requirements; engage stakeholders accordingly. Test execution fieldworkPerform test activities in accordance with 2L NFR testing standards: o Interview stakeholders, request and review pertinent policies, standards, procedures, KRI metrics, and other documents, and walk through relevant processes and control environments. o Develop test scripts and recipe cards. o Request and validate receipt of relevant data and samples for testing. o Execute and document test activities in test workpapers. o Identify and escalate potential test findings. o Propose action plans and remediation requirements. o Prepare test reports. Review, approve, and deliver final engagement and test reports. Track and confirm completion of action plans and their remediation requirements. Remain current on industry rules, regulations and best practices to make recommendations to the testing program. Develop and maintain effective working relationships with the business units as well as internally within the Legal, Compliance, and Operational Risk Department.