We're seeking someone to join our Data Protection Controls team as a DLP Policy Specialist in Cyber to support the end‑to‑end Data Loss Prevention (DLP) policy life cycle, including policy creation, analysis, tuning and ongoing management.
Responsibilities
* Contribute to the function through complex project tasks and initiatives.
* Interact regularly with team members and occasionally leadership on a range of topics.
* Policy Lifecycle Management: Design, deploy, and tune DLP policies. This includes regular hygiene reviews to audit and dismantle outdated exclusion processes, ensuring controls remain robust and relevant.
* Operational Tuning: Analyse incident telemetry to refine detection logic, significantly reducing false positives.
* Stakeholder & Vendor Liaison: Collaborate with business stakeholders to translate data protection requirements into technical controls. Partner with external vendors to resolve product bugs and stay aligned with their technology roadmaps.
* Continuous Improvement: Identify opportunities to improve DLP processes, workflows, and stakeholder engagement, contribute to automation, standardization, and documentation initiatives and participate in knowledge transfer, training, and process updates.
* Compliance & Control Support: Ensure DLP operations align with internal data protection policies and external regulations and assist in remediation activities for identified policy gaps or control deficiencies.
Qualifications
* Ability to process information, translate into plans and present summaries to stakeholders.
* Experienced understanding of business line and discipline.
* Strong understanding of DLP concepts: data classification, sensitive data types, policy rules, and enforcement.
* Experience analysing alerts, tuning policies, and interpreting data protection risks.
* Strong analytical and problem‑solving skills.
* Clear written and verbal communication – Ability to manage multiple priorities in a control‑driven environment.
* Collaborative mindset: Ability to work effectively within the broader Cyber division to unblock technical hurdles and scale data protection efforts.
* At least 4 years' relevant experience would generally be expected to find the skills required for this role.
Certified Persons Regulatory Requirements: If this role is deemed a Certified role and may require the role holder to hold mandatory regulatory qualifications or the minimum qualifications to meet internal company benchmarks.
Flexible work statement: Interested in flexible working opportunities? Morgan Stanley empowers employees to have greater freedom of choice through flexible working arrangements. Speak to our recruitment team to find out more.
Morgan Stanley is an equal opportunity employer committed to building and maintaining a workforce that is diverse in experience and background. Our recruiting efforts reflect our strong commitment to a culture of inclusion, where individuals are hired, developed, and advanced based on their skills and talents. For more information, please visit: https://www.morganstanley.com/people-opportunities/eeo.
#J-18808-Ljbffr