Rodeo
ResourcesPartnersSign in

Morgan Stanley

Cyber, Privacy & Resilience Legal Counsel – Vice President

Glasgow
Posted 11 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Cyber, Privacy & Resilience Legal Counsel – Vice President

Location – Glasgow

Morgan Stanley is seeking a qualified lawyer with experience in relation to data protection, privacy, operational resilience, fraud, and cybersecurity laws in Europe, Middle East and Africa (EMEA), including regulatory matters, investigations, and advisory legal work.


About the Role

The Cyber, Privacy & Resilience Legal team is a global team focused on cybersecurity, privacy, fraud, and operational resilience matters in support of all Morgan Stanley entities. This role represents a principal legal advisory function within a dynamic and impactful team.


Overview the Cybersecurity & Privacy Legal Team

The Cyber & Privacy Legal team provides legal guidance on global cybersecurity, privacy, data, fraud, and operational resilience – embedding best-in-class legal risk management across Morgan Stanley’s global organisational footprint.


Key Responsibilities

As a Vice President Legal, your main tasks include:

  • Serve as principal legal advisor for cybersecurity, privacy, data security, fraud, and operational resilience matters to Morgan Stanley’s business units in the EMEA region.
  • Develop a comprehensive cybersecurity, privacy, data protection, fraud, and operational resilience framework that aligns with EMEA relevant laws and regulations.
  • Advise senior leadership and business stakeholders, providing strategic direction on contended regulatory emerging technologies and high-profile projects.
  • Draft and review employee policies and procedures related to data protection, privacy, operational resilience and information security management.
  • Provide guidance on:
    • The collection, storage, and sharing of client and employee information – addressing data localisation, data transfer restrictions, banking secrecy laws and other related regulations.
    • Use of profiling, surveillance, monitoring techniques, and tracking technologies.
  • Lead, provide legal oversight to cyber, fraud, information security, and operational incidents – including notification obligations for regulators, clients, and third parties.
  • Navigate regulatory investigations and manage litigation-related requests concerning data privacy, security, or operational resilience matters.
  • Facilitate client privacy rights requests, regulator inquiries and third-party data accessrides.
  • Stay current with regulatory changes and industry trends, while aligning Morgan Stanley’s strategy with best practices.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

What We’re Looking For

  • Legal Qualifications: Qualified lawyer with a minimum of 7+ years’ experience, including experience with financial services-related law, preferably with exposure to regulated firms.
  • Deep Regulatory Knowledge: Proficient expertise in UK FCA/PRA Operational Resilience rules, EU DORA, NIS2, Cyber Resilience Act, UK/EU GDPR, and other regulations related to AI, marketing, elections, or related data laws.
  • Cybersecurity Foundation: Demonstrated understanding of cybersecurity risk management, incident response communications, regulatory proceedings, breaches, and data protection frameworks (such as ISO27001, NIST or SOC2).
  • Senior Decision-Making: Ability to articulate, and work effectively with executive stakeholders, explaining complex legal risks/solutions in a simple and practical manner for business impact.
  • Eloquent Communication: Knacks for polished written and verbal articulation with execute presence.
  • Analytical Abilities: Skill in holistic problem-solving, synthesising legal and technical complexities to derive actionable recommendations.
  • Teamwork: Ability to collaborate well in group settings or independently, create client synergies and maintain clear boundaries.
  • Time Management/Responsibility: Prior proven track record of meeting deadlines, learning quickly, taking initiative and initiating large-measure nonassigned work.
  • Technical Familiarity: Bonus: Experience in information security/compliance tools or knowledge of IT security frameworks (e.g., CIS Benchmarks, the Center for Internet Security Controls, or AI security models).

Certifications and Benefits

  • Preferred Technical Credentials: International Association of Privacy Professionals (IAPP) certification or CIPP/E GDPR/CPRA/CPA trademarks (encouragement, but not mandatory).
  • Good Experience: Technical background in information security principles (helpful but non-mandatory).

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Expectations from Morgan Stanley

Morgan Stanley prioritises client success by alleviating capital risk, providing global insights, and fostering innovation. We demonstrate integrity, diversity, and inclusive policies that empower our employees around 200 regions globally.

Our culture is collaborative and original, focusing on the following values:

  • Place clients first.
  • Acting with integrity and leading through principled actions.
  • Supporting diversity, equity, and inclusion.
  • Empower employees through flexible, competitive benefits and novel workplace arrangements.

For more details, please explore our Office Locations: Morgan Stanley Global Offices


Regular Work Policies

  • Some positions may require Certified qualifications to align with regulatory mandatory certifications and internal certifications benchmarks.
  • Flexible work arrangements are encouraged – in line with Morgan Stanley’s flexible working policy.

Career Flexibility and Inclusion

Morgan Stanley facilitates flexible employment options, nurturing innovations, and innovative approaches for employees.

On Diversity and Inclusion, we uphold a principle that everyone, regardless of background, is valued for their contributions. Morgan Stanley takes a proactive approach toward workplace diversity.

To learn more, visit: Morgan Stanley’s Diversity and Inclusion

Morgan Stanley champions strong values of building sustainable futures beyond just secure investments and services. We are committed to ethics, environmental stewardship and other fundamental principles that influence our every decision.

We invite you to become a part of our company that prioritises lifelong learning, creative thinking, long-term entrepreneurship, and partnership growth.


Additional Remarks

Interested applicants should apply directly via [Morgan Stanley Careers](Morgan Stanley Page Link) to inquire further.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Data Protection
Privacy Law
Operational Resilience
Cyber Security Law
Regulatory Compliance
Incident Response
Breach Notification
Legal Advisory
Risk Management
Stakeholder Management
Regulatory Engagement
Data Localisation
Banking Secrecy
Profiling and Surveillance Law
Legal Writing
Problem Solving

Location

Glasgow, Scotland, United Kingdom

Sign up to applySee more jobs like this