Avp, Cybersecurity Engineer

Imagine what we can DEVELOP with you

True leaders are always learning. Moody’s is home to information architects, thinkers, builders, and passionate problem solvers, a collection of diverse viewpoints working together to bring out our best. Join us. Forward Together.

Moody’s Shared Services are the front line professionals including Finance, Technology, Legal, Compliance and Human Resources, that operationally support our business units. Exceptional Shared Services teams are vital to the international success of our business.

Department

Information Risk and Security (INFORISK) - Cyber Security Services

Role/Responsibilities

The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance) reporting and the delivery of security services including the company’s Cyber Security program.

Functional Responsibilities
- Support successful delivery of Information Security projects and services for our customers by working directly with key business stakeholders and technology SMEs.
- Provide engineering and operational support for network security products and services (new deployments, hardware refresh/upgrades, migrations, and feature implementation).
- Support the evaluation of security concerns with new and emerging technologies with particular focus on SaaS, PaaS and IaaS specifically MS Azure / AWS.
- Evaluate security controls native to Amazon Web Services, Microsoft Azure and Google Cloud Platform and provide consulting services to business units leveraging cloud technologies.
- Mentor and guide other teams in the organization on network security best practices, security vulnerabilities and implementation/enforcement of the compensating controls.
- Assist with creating security designs and configure security Controls within the Cyber Security Engineering portfolio
- Develop, collect, and mature security metrics for IT Risk programs.

**Qualifications**:

- BS or BA degree or relevant certifications, preferably in Information Systems, Computer Science, Computer Engineering or equivalent
- 5-7 years of solid, diverse work experience in the IT industry, including experience in Network, Cloud or Security engineering technologies:

- Firewalls (Palo Alto preferred)
- Routing and Switching (Cisco, Palo Alto, Juniper)
- Remote Access/VPN Solutions
- NAC
- Content Filtering
- Automation or Scripting skills, i.e. Ansible, Lambda, SOAR
- SIEM tools, i.e. Splunk
- 3-5 years of experience in at least one of the following Security domains; Application, Endpoint or Network security
- Strong hands on experience with cloud technology; AWS, Azure, GCP
- Working knowledge of DNS, PKI
- Working knowledge of WAF and DDoS solutions is a plus

Key Competencies
- Adaptability and flexibility to work on a variety of assignments as defined by constantly evolving priorities.
- Knowledge of AWS or Azure Cloud technologies, Active Directory, Authentication/Authorization protocols, and Single Sign On technologies.
- Technical expertise (design and/or implementation) with Palo Alto FW’s or other NGFW
- Solid understanding of network and security concepts, including PKI and DNS
- Proficient scripting skills, i.e., PowerShell, Python, Lambda, JavaScript, Bash, Ruby, Perl, etc.
- Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks. Strong and broad technology background.
- Excellent written and oral communication skills including the ability to interact directly with customers that do not have an IT background.

Must be fully vaccinated for COVID-19 (i.e., at least 2 weeks after last dose) and, if hired, present proof of vaccination on start date, as determined by Moody’s.

For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance.

This position may be considered a promotional opportunity, pursuant to the Colorado Equal Pay for Equal Work Act.

Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination statement.