Job Description
We’re seeking someone to join our Insider Risk Management function as a Digital Forensics & Investigations Lead within Cyber, Data, Risk & Resilience (CDRR), with a focus on leading end-to-end investigations with a disciplined, risk-based approach to evidence handling, proportionality, confidentiality, and regulatory defensibility.
In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities.
What You’ll Do in the Role
- Lead and conduct digital forensic investigations
- Collect, preserve, and analyse digital evidence from a variety of sources
- Apply investigative methodologies to correlate activity across multiple data sources
- Ensure investigations are conducted in line with Firm policies, legal requirements, and regulatory expectations
- Produce clear investigative outputs, including timelines, findings summaries, and remediation recommendations
- Manage electronic discovery (eDiscovery) activities, including identification, preservation, collection, processing, and production of electronically stored information (ESI)
- Design and execute data collection criteria across email archives, collaboration platforms, file shares, and enterprise systems
- Ensure compliance with data privacy, retention, and jurisdictional requirements
What You’ll Bring to the Role
- Experience conducting digital investigations, including insider risk, incident response, or data exfiltration cases
- Ability to act as a primary point of contact for investigation and eDiscovery matters, managing cases from intake through closure
- Strong stakeholder management skills, with the ability to define scope, assess risk, and align on timelines and deliverables
- Coordinate across multiple teams and regions
- Analytical mindset with the ability to synthesise information into clear findings and conclusions
- Strong SIEM analysis and data correlation skills, with experience working through complex datasets, analysing infrastructure and security logs
- Hands on experience with digital forensic tools
- Strong working knowledge of Microsoft 365 (M365) environments
- Ability to clearly articulate complex technical matters to diverse stakeholders
- Strong understanding of technology risk, security concepts, and enterprise infrastructure
- Solid experience in eDiscovery, including message archive systems and formulation of complex search and collection criteria
- Experience working with Regulatory, Compliance, Litigation, or Investigations teams within the financial services industry
- Scripting or automation skills for investigative efficiency
- Experience working across multiple regions
- Relevant security certifications (e.g. GCFE, GCFA, CISSP) are considered as an advantage
Morgan Stanley is an equal opportunity employer committed to building and maintaining a workforce that is diverse in experience and background. Our recruiting efforts reflect our strong commitment to a culture of inclusion, where individuals are hired, developed, and advanced based on their skills and talents. Our workforce reflects a broad cross-section of the global communities in which we operate, bringing a variety of backgrounds, talents, perspectives, and experiences.
For more information, please visit: