Location(s): MIS Support Center, 4th floor, East Tower, Eurocenter Business Center, in front of Cenada, Heredia, 40104, CR Line Of Business: CYBERSECURITY(CSG)
Job Category: Engineering & Technology Experience Level: Experienced Hire
At Moody's, we unite the brightest minds to turn today's risks into tomorrow's opportunities. We strive to create an inclusive environment where everyone feels welcome to be who they are, with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways.
Moody's Information Risk and Security is looking for a Sr. Cybersecurity Engineer to join its growing organization. This challenging position requires a strong background in Information Security practice, solid communication and organization skills, and deep knowledge of Information Security as it applies to infrastructure and cloud components. The candidate should be motivated, willing to take on challenges, able to multi-task, and work independently with minimal oversight.
The Moody's Information Risk and Security team helps the organization balance risk by aligning policies and procedures with Moody's business and regulatory requirements. The team's mission is to identify risks to Moody's data and systems and implement strategies to defend against and mitigate those risks. They are responsible for key programs including Security Architecture, Cyber Security, Identity Management, and Vendor Security Management.
Functional Responsibilities: Provide security architecture designs and consulting services for enterprise IT projects across multiple platforms, ensuring alignment with Moody's security architecture.Support the creation and adherence to Cyber Security and Information Security Reference Architectures by collaborating with Cyber Security Engineering teams.Perform application and infrastructure Risk Assessments to determine appropriate technical/process solutions to protect assets.Support successful delivery of Information Security projects and services by working directly with key business stakeholders and technology SMEs.Liaise with Business Information Security Officers and application development community to identify and reduce Information Security risk within applications.Collaborate on problem analysis, proof-of-concepts, pilots, MVP design, and quality control related to IT infrastructure security solutions.Monitor progress of corrective action plans and risk exceptions.Develop and refine metrics and provide reporting to peers and senior executives.Qualifications: Minimum 7-10 years of experience in the IT industry, preferably in a financial services or consulting organization.Minimum 3-5 years of experience in Project Management and/or Web/Application Development/Architecture.BS or BA degree, preferably in technology/business or equivalent.Thorough understanding of next generation infrastructure, virtualization, network and micro segmentation, Firewalls, IDSs, WAFs, Containers, etc.Relevant certifications such as CISSP, SANS, CCNA/P/E or other known technical certifications are a plus.Development experience with Python, Lambda, PowerShell is a plus.Key Competencies: Ability to think with a security mindset; a strong IT background with knowledge of key security practice areas: network/host security, cloud security, and security architecture.Adaptability and flexibility to work on a variety of assignments as defined by evolving priorities.Knowledge of AWS or Azure Cloud technologies, Active Directory, Authentication/Authorization protocols, and Single Sign-On technologies.Knowledge of NIST, CIS, and CCM security controls.Strong written and oral communication skills, including the ability to interact with non-IT customers.Strong presentation skills for diverse IT background audiences.Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity, or any other characteristic protected by law.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.
#J-18808-Ljbffr