Azure Endpoint Security Engineer- Vice President

Position Profile As a key component of the firm’s Technology organization, the Cyber Data Risk and Resiliency (CDRR) department’s mandate is to enable the firm to manage technology risk through modern, cloud‑aligned and AI‑informed security practices. CDRR executes first‑line of defence technology risk‑management capabilities and implements proactive, comprehensive, and consistent risk management across on‑premises and Azure‑hosted services. CDRR protects the firm’s information, endpoints, and infrastructure from cyber and insider threats by delivering operational capabilities and a suite of advanced detection, monitoring, analytics, and automation. The department is driving the implementation and operationalization of AI‑assisted investigation and response capabilities (including Microsoft Security Copilot) – covering onboarding, integration with the Microsoft security stack, governance/controls, and measurable improvements to triage speed and response quality. CDRR provides expert advice on secure design, development, and control effectiveness across enterprise endpoints and the Azure platform. Role Profile & Expectations You will be part of a Global (North America, Europe, Asia) cross‑disciplined Agile team working with DevOps practices within the firm’s Endpoint Security team, partnering closely with Azure platform and security operations stakeholders. You will have strong Windows Desktop/Infrastructure/Security knowledge and experience operating at very‑large enterprise scale across on‑premises and Azure environments, including identity, endpoint, and cloud security controls. You will have strong analytical and problem‑solving abilities, with experience using security telemetry and analytics to drive decisions, and the communication skills to translate findings into clear actions – including helping implement Microsoft Security Copilot by defining high‑value use cases, creating prompt/runbook patterns, validating outputs, and partnering with security operations to drive adoption. You will be responsible for continuously improving the quality of our technology solutions through peer review, retrospectives, refactoring and automation, and by building, operationalizing, and maintaining repeatable AI‑assisted runbooks and workflows (including Microsoft Security Copilot) to increase consistency, improve auditability, and reduce mean time to detect/respond. Required Skills 10+ years hands‑on Enterprise‑class Information Technology experience, including security engineering for Windows and cloud platforms (Azure). Strong knowledge of Windows operating system and endpoint internals at 50,000+ endpoint scale, including modern security telemetry and endpoint protection capabilities. Ability to troubleshoot complex Windows OS environments across hybrid architectures (on‑premises and Azure), including identity, networking, and security control interactions. Advanced Infrastructure as Code and automation (e.g. Ansible) with Generative AI to streamline playbook creation and infrastructure workflows for efficient operations. Competency with scripting/automation languages such as PowerShell, Python, Perl, etc., and the ability to codify operational runbooks (including integrating AI‑assisted workflows where appropriate). Experience in designing/engineering/architecting new security solutions from proof of concept to production, including Azure‑aligned architectures and operational readiness. Dedication and passion for cybersecurity technologies, with an AI‑first and continuous‑learning mindset, including a drive to evaluate, implement, and mature emerging capabilities like Microsoft Security Copilot in an enterprise environment. Desired Skills Experience with Enterprise‑class endpoint and cloud security technologies, especially within the Microsoft security stack (e.g., Microsoft Defender for Endpoint, Microsoft Defender for Cloud, BitLocker, and related capabilities), including experience implementing and operationalizing Microsoft Security Copilot (e.g., integrations, governance/controls, use‑case development, rollout, and continuous tuning). Experience with Disk Encryption (e.g., BitLocker) and hardening operating systems. Experience with Microsoft Defender for Cloud Apps (and broader Microsoft security ecosystem integrations). Experience with SCCM/Intune for software deployment and endpoint management, and security logging/analytics platforms such as Splunk and/or Microsoft Sentinel/Azure Monitor for dashboards, reporting, and investigation. Experience working in a DevOps/SRE aligned team. Effective troubleshooting skills across hardware, OS, network, and storage. Experience of platform design, build and deployment, with a focus on continual service improvement (CI/CD). Experience of working in an Agile environment. Experience with Unix/Linux, and macOS sysadmin a benefit. Experience with API implementations and key management, including HSM‑backed designs and/or Azure Key Vault. Enterprise security industry certifications (CISSP, SANS, GSEC, etc.). Solutions Architect Certifications in either AWS and Azure. Morgan Stanley is an equal opportunity employer committed to building and maintaining a workforce that is diverse in experience and background. Our recruiting efforts reflect our strong commitment to a culture of inclusion, where individuals are hired, developed, and advanced based on their skills and talents. Our workforce reflects a broad cross‑section of the global communities in which we operate, bringing a variety of backgrounds, talents, perspectives, and experiences. For more information, please visit: #J-18808-Ljbffr