Cyber Incident Responder

Full Time
Montréal, Canada
Areas of Interest: Incident Response
report a problem

Morgan Stanley is a global financial services firm and a market leader in investment banking, securities, investment management and wealth management services. With offices in more than 43 countries, the people of Morgan Stanley are dedicated to providing our clients the finest thinking, products and services to help them achieve even the most challenging goals.

As a market leader, the talent and passion of our people is critical to our success. We embrace integrity, excellence, team work and giving back.


The Technology division partners with our business units and leading technology companies to redefine how we do business in ever more global and dynamic financial markets.

Our sizeable investment in technology results in leading-edge tools, software, and systems. Our insights, applications, and infrastructure give a competitive edge to clients’ businesses—and to our own.

Technology Information Risk (TIR) enables the Firm to manage risks through implementing proactive, comprehensive and consistent risk management practices which protect the franchise while capturing business opportunities. The TIR team partners with the business by ensuring that Technology understands how to manage, escalate and monitor risk.

Position Description

Morgan Stanley is seeking a Cyber Incident Responder to join our Computer Emergency Response Team (CERT). This role will perform incident response (IR), campaign assessments, and network and host based forensics, as well as expand response capabilities and help streamline IR workflows.

  • Investigates cyber security incidents and threats
  • Adds context to threat indicators to convey urgency, severity, and credibility
  • Improves the detection, escalation, containment and resolution of incidents
  • Collects and analyzes network and host based forensic artifacts
  • Assesses and improves the effectiveness of CERT response capabilities
  • Maintains knowledge of threat landscape

This position requires experience performing incident response and computer forensics using IDS, SIEM, and related security tools.  The successful candidate will be a detail oriented critical thinker who can anticipate issues and solve problems. This individual should be able to analyze large data sets to detect underlying patterns, evaluate incident response capabilities and procedures, and have a strong drive to improve existing processes. Preferred experience in an operational environment such as SOC, CSIRT, CERT, etc. 

Required Skills

  • Bachelor’s Degree in Cyber Security, Computer Science, engineering  or equivalent experience 
  • 3 plus years’ experience in a similar role.
  • Computer security incident response and intrusion analysis
  • Analysis of logs, security events and network packets
  • Host and Network Forensics
  • Strong understanding of security at network and application layers
  • In-depth knowledge of information security threat types, their composition, and IOCs 
  • In-depth knowledge of attacker tactics, techniques, and procedures (TTPs)
  • Knowledge of security event management, network security monitoring, log collection, and correlation 
  • Knowledge of security tools such as SIEM, IDS/IPS and their integration with Windows, Unix/Linux systems, networking, and databases 
  • Excellent writing and presentation skills to communicate findings and deliver effective presentations to stakeholders
  • Hands-on experience monitoring key security infrastructure elements, identifying security events, performing analyses, and initiating response activities
  • Hands-on experience investigating common types of attacks

Desired skills

  • Knowledge of multiple operating systems (Windows, Linux, OSX)
  • Practical experience with security technologies like firewalls, IDS/IPS, SIEM, and vulnerability management
  • Hands-on experience developing and tuning SIEM use cases, correlation rules, and other content
  • Scripting (Python, BASH, Perl, or PowerShell)
  • In-depth knowledge of security event management, network security monitoring, log collection, and correlation.
  • Experience in the financial industry
  • Ability to develop and maintain professional contacts in the security community

Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential.


Share this job:

Morgan Stanley

You have talents. We have options.
Morgan Stanley mobilizes capital to help governments, corporations, institutions and individuals around the world achieve their financial goals. For over 75 years, the firm’s reputation for using innovative thinking to solve complex problems has been well earned and rarely matched. A consistent industry leader throughout decades of dramatic change in modern finance, Morgan Stanley will continue to break new ground in advising, serving and providing new opportunities for its clients. Morgan Stanley is committed to maintaining the first-class service and high standard of excellence that have always defined the firm. At its foundation are four core values — putting clients first, doing the right thing, leading with exceptional ideas and giving back — that guide its more than 55,000 employees in 1,200 offices across 43 countries.
Visit Morgan Stanley's Social Media pages:
Company Industry: Financial Services
Company Type: Public Company
Company Size: 10,001+