Python Infrastructure Developer
Technology Risk's (Tech Risk) mandate is to enable the Firm to manage its technology related risks. The department executes the first line of defense technology risk management capabilities and implements proactive, comprehensive and consistent risk management practices across the Firm.
Tech Risk protects the Firm’s information, systems and infrastructure from cyber and insider threats; ensures the secure and stable delivery of services to our clients; and adjusts to risks presented by an evolving threat landscape. The department delivers a range of operational capabilities, as well as suite of advanced detection, monitoring and analytics, and also provides expert advice on secure design and development and control effectiveness. Tech Risk manages responses to regulatory and client inquiries about the Firm’s technology environment and ensures Technology divisions meet governance and oversight obligations along all lines of defense, driving material and measurable risk reduction. Tech Risk maintains strategic relationships with external entities, both public and private, to facilitate information sharing and innovation in financial services, technology and government, and is also responsible for building risk education and security awareness programs to increase vigilance across the Firm.
The Cyber Platforms Fleet (CPF), part of the broader Enterprise Security Platforms organization, is focused on the architecture, engineering, deployment and management of multiple key Enterprise scale security platforms, tools, and resources. These efforts are successfully achieved through a consistent focus on strategic thinking, engineering excellence, wide-ranging team engagement, agile workflow, and a desire to develop new skills.
CPF is currently looking for a hands-on developer to join the Vulnerability Infrastructure Squad. Working with multiple distinct teams throughout Morgan Stanley technology a successful candidate will be focusing on the implementation and deployment of a global container vulnerability scanning solution covering cloud and on-premises containerized OSes and platforms. These efforts will draw from experience with cloud infrastructure, container runtime and management tools, software development and platform integration.
• 3+ years of hands-on development experience in Python or alternate programming languages such as Perl, Java, C, C++.
• 2+ years working w/ container runtimes and management of Kubernetes platforms such as AKS, EKS, OpenShift.
• 2+ years working in and around cloud environments such as Azure, AWS, Google Cloud.
• Experience with CI/CD technologies including Jenkins, Stash, GitHub, Git, Jira.
• Familiarity with infrastructure as Code tools such as Terraform, Helm, CloudFormation, Azure Resource Manager.
• Solid comprehension of private, public and hybrid cloud models as well as distinct service models IaaS, PaaS, and SaaS.
• Track record of having worked on, and been involved in, the deployment and management of infrastructure at scale.
• Strong interpersonal, written, and verbal engagement skills ensuring an ability to communicate at all levels across multiple project aspects.
• Focus on good time-management, task prioritization and an ability to meet agreed upon deadlines.
• Confidence in your skills, a drive to self-start and a team player possessed of a high level of commitment and enthusiasm.
• Familiarity with, or experience working in, an Agile environment leveraging Kanban/Scrum.
• Experience in Azure DevOps: Azure Pipelines, Azure repos, Azure artifacts.
• Background in a security focused environment or a distinct interest in developing deeper knowledge of cyber security.
• Thorough understanding of security architecture principles, design, and engineering best practices.
• Knowledge or experience with security areas such as container security principles, Common Vulnerabilities and Exposures (CVEs) and Common Platform Enumeration (CPE)
Our advisory for this position
HR Advisor and Talent Finder
need you. Apply today