Sr Cybersecurity Engineer

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are—with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. Moody’s is transforming how the world sees risk. As a global leader in ratings and integrated risk assessment, we’re advancing AI to move from insight to action—enabling intelligence that not only understands complexity but responds to it. We decode risk to unlock opportunity, helping our clients navigate uncertainty with clarity, speed, and confidence.

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Employer: Moody's Shared Services, Inc.

Title: Sr Cybersecurity Engineer

Location: 7 World Trade Center, 250 Greenwich Street, New York, NY 10007 (Principal place of business – telecommuting permitted)

Duties: Perform dynamic/static testing using various tools, provide recommendations and guidance on mitigations, and validate issue remediation. Maintain detailed evidence documentation throughout process. Communicate software vulnerabilities and mitigation options to stakeholders that balance business agility with security. Partner with developer teams to meet security objectives through training and integrating vendors or building solutions for software development processes. Establish polices and standards to guide builders to meet security requirements. Collaborate with colleagues from Cybersecurity Architecture & Assurance, Security Operations, and IT Development in the testing and remediation process, including resolution of issues stemming from risk assessments and third-party penetration testing. Support dynamic/static testing using various tools, provide recommendations and guidance on mitigations, and validate issue remediation. Maintain detailed evidence documentation throughout processes to support compliance obligations. Hold meetings and communicate software vulnerabilities and mitigation options to stakeholders that balance business agility with security. Work with developer teams to meet security objectives through training and integrating vendor solutions or building secure solutions into software development processes. Develop strategies to identify, assess, and mitigate security risks across the organization. Collaborate with IT and engineering teams to integrate security best practices into the development and deployment processes. Telecommuting Permitted (100% telecommuting position. Will consider applicants resident in the continental U.S.).

Requirements: Requires a Master’s degree or foreign equivalent in Cybersecurity, Information Technology, Computer Information Systems, or a closely related technical field plus at least two (2) years of experience as an Analyst, Engineer, or in a related position performing information security risk management and architecture review. Must have experience with the following: designing, developing, and deploying security technology and controls, including identifying and selecting vendors that meet security and business requirements; performing forensic analysis and resolving incidents related to cyber-attacks, including reviewing information security resources and performing root cause analysis; applying knowledge and support of various cyber security tools, platforms and processes; assisting in defining technical requirements and process enhancements based on an evolving threat landscape; and working with BurpSuite, OWASP ZAP, Fiddler, Veracode, Snyk, HP Fortify, Dependency Checker, .Net (ASP.Net /C#), JavaScript, AngularJS, and SQL Server/Postgresql. Telecommuting Permitted (100% telecommuting position. Will consider applicants resident in the continental U.S.). Domestic and international travel required approximately 5% of the time. Destination and frequency impossible to predict.

For US-based roles only: the anticipated hiring base salary range for this position is $146,557 to $192,300/yr, depending on factors such as experience, education, level, skills, and location. This range is based on a full-time position. In addition to base salary, this role is eligible for incentive compensation. Moody’s also offers a competitive benefits package, including not but limited to medical, dental, vision, parental leave, paid time off, a 401(k) plan with employee and company contribution opportunities, life, disability, and accident insurance, a discounted employee stock purchase plan, and tuition reimbursement.

To apply, please submit resume through careers.moodys.com or via e-mail at hrbox28@moodys.com. Please refer to Job Ref. 13098.

For US-based roles only: the anticipated hiring base salary range for this position is $146,557 to $192,300, depending on factors such as experience, education, level, skills, and location. This range is based on a full-time position. In addition to base salary, this role is eligible for incentive compensation. Moody’s also offers a competitive benefits package, including not but limited to medical, dental, vision, parental leave, paid time off, a 401(k) plan with employee and company contribution opportunities, life, disability, and accident insurance, a discounted employee stock purchase plan, and tuition reimbursement.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion or creed, national origin, ancestry, citizenship, marital or familial status, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, military or veteran status, or any other characteristic protected by law. Moody’s also provides reasonable accommodation to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email accommodations@moodys.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications

For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance.

This position may be considered a promotional opportunity, pursuant to the Colorado Equal Pay for Equal Work Act.

Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination statement. Click here to view our Notice to New York City Applicants.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.