Business Analyst - Privacy (Non-Financial Risk)

Company Profile

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management, and wealth management services. The firm's employees serve clients worldwide, including corporations, governments, and individuals, from more than 1,200 offices in 43 countries.

As a market leader, the talent and passion of our people are critical to our success. We share a common set of values rooted in integrity, excellence, and a strong team ethic. Morgan Stanley offers a platform for building a professional career—an environment to learn, achieve, and grow. Our culture emphasizes a balance between personal lifestyles, perspectives, and needs.

Department Profile

The Legal and Compliance Department (LCD) oversees and coordinates the firm's compliance with core regulatory requirements across all business areas, including Institutional Sales and Trading (fixed income, commodities, equities), Investment Banking, Research, Investment Management, and Infrastructure Divisions.

Team Profile

The Privacy Non-Financial Risk (NFR) team acts as a second line of defense, supporting the entire firm and promoting fair, transparent, and lawful practices related to the processing of Personally Identifiable Information (PII). The successful candidate will work within Privacy NFR, focusing on managing the privacy program tools and processes that underpin our initiatives.

This is an exciting opportunity to join a newly established team in Glasgow, which is part of the wider Privacy NFR team based across the US, EMEA, and APAC.

What Will You Be Doing

The role primarily focuses on the tooling used within the privacy program, such as supporting Privacy Impact Assessments. Responsibilities include:

• Collaborating with business unit and LCD stakeholders to gather requirements for changes and enhancements to privacy tools, including those driven by regulatory or business changes.
• Working with technology teams to analyze, design, and implement business requirements, including change management, UAT, and troubleshooting.
• Fostering continuous improvement and acting as a point of contact for stakeholders regarding tool functionality or performance.
• Engaging with stakeholders to consider new processing activities and privacy considerations.

What We're Looking For

Candidates should have:

• Experience building or maintaining tools/systems and testing these systems.
• Experience acting as or working as a Business Analyst.
• Knowledge of the software development lifecycle and methodologies like Agile.
• Excellent written and verbal communication skills, including stakeholder management.
• Ability to manage competing priorities in a fast-paced environment.

Desirable Skills

Additional preferred qualifications include:

• Experience in the financial services industry.
• Familiarity with privacy tools such as BigID or OneTrust.
• Understanding of global privacy regulations like GDPR, CPRA, Quebec’s Law 25, or experience conducting privacy impact assessments.
• IAPP certifications such as CIPP, CIPM, CIPT, or AI Governance.
• Experience designing, building, and maintaining Tableau reports.

What You Can Expect From Morgan Stanley

Morgan Stanley is committed to high standards of service and excellence, guided by values such as putting clients first, integrity, innovation, diversity, and community engagement. We offer a supportive environment with opportunities for growth and development, along with comprehensive employee benefits.

Certified Persons Regulatory Requirements

This role may require mandatory regulatory qualifications or minimum internal benchmarks depending on certification requirements.

Flexible Work Statement

Morgan Stanley supports flexible working arrangements. Contact our recruitment team for more information.

Morgan Stanley is an equal opportunities employer dedicated to fostering an inclusive environment where all individuals can reach their full potential.