Sr Cybersecurity Engineer - Digital Forensics & Incident Response (DFIR)

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. 

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Skills and Competencies
* Solid understanding of fundamental cybersecurity and networking concepts and terminology; e.g. protocols, ports, processes, OWASP, MITRE ATT&CK, NIST, CIS, etc.
* Excellent analytical and problem-solving skills; able to think outside the box and ask probing questions to identify root cause and risk exposure.
* Excellent verbal and written communication skills; articulate and visually present technical information to a non-technical audience, build lasting relationships with stakeholders.
* Ability to work independently within minimal supervision; timely and accurate delivery of assigned tasks, seeks help from peers or supervisor(s) as and when required.
* Ability to work in a time-sensitive environment, remain calm under pressure, maintain composure, follow processes, and purposefully prioritize to meet deadlines.
* Experience in digital forensics technology, procedures, and processes, and the ability to talk confidently about each stage of the Cyber Incident Response Lifecycle (NIST/SANS).
* A can-do attitude; comfortable ‘wearing many hats’ and demonstrating focus and proactiveness to get the job done, with a strong desire to learn and develop your skills.

Education
* Desired: BS or MS degree, preferably in Technology, Computer Science or Cybersecurity.
* Relevant certifications from GIAC (e.g. GCIH, GCFA, GFCE), ISC2 (e.g. CISSP), ISACA (e.g. CISM) or other industry-recognized certification bodies considered a plus.
* 3-5 years working in a similar cyber security role

Responsibilities
* Deliver timely review and response of security events or investigations escalated by the SOC or other internal or external sources; invoke Incident Response Plan where necessary.
* Provide on-call support for emergency or high severity issues, communicate and escalate incidents to management in accordance with the Incident Response Plan.
* Participate in cyber security projects and initiatives; provide technical expertise, operational support and testing (e.g. Threat Intelligence, Cyber Deception, Purple Teaming).
* Keep abreast of current security threats, events, technologies, vendors and other aspects of the cyber threat landscape; drive enhancements to our security posture where appropriate.
* Perform forensic review of systems in response to incidents or investigations, write and test playbooks for common incident response scenarios, participate in cyber tabletop exercises.

#LI-SD1 #LI-Hybrid

Annual base salary gross: 49,600.00 to 79,200.00. Applicable to Lithuania candidates: The base salary range represents the low and high end of the Moody’s salary range for this position. Actual salaries will vary and will be based on various factors, such as candidate’s qualifications, skills, and competencies. The salary is one component of Moody’s total compensation package for employees. Other rewards and benefits include the following: Medical, Personal Accident, Life Insurance and Time Off.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.