Cybersecurity Engineer - Red Team

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are—with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. Moody’s is transforming how the world sees risk. As a global leader in ratings and integrated risk assessment, we’re advancing AI to move from insight to action—enabling intelligence that not only understands complexity but responds to it. We decode risk to unlock opportunity, helping our clients navigate uncertainty with clarity, speed, and confidence.

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Skills and Competencies

• Strong knowledge of offensive security testing methodologies; including operating system, software and web application vulnerabilities and exploitation techniques.
• Strong understanding of networking fundamentals (OSI layers, protocols, etc.), and Windows and Linux operating systems.
• Strong knowledge of, and experience with, commercial or open-source offensive security tools, as well as at least one scripting language (e.g. Python, Perl, PowerShell).
• Excellent verbal and written communication skills; articulate and visually present technical information to a non-technical audience, build lasting relationships with stakeholders.
• Ability to work independently within minimal supervision; timely and accurate delivery of assigned tasks, seeks help from peers or supervisor(s) as and when required.
• Ability to work in a time-sensitive environment; must be detail oriented and able to prioritize accordingly to meet deadlines and company objectives.
• Basic understanding of artificial intelligence concepts, with curiosity and enthusiasm for learning how AI tools can be used to improve processes and drive efficiency. Interest in exploring AI systems and a willingness to develop awareness of responsible AI practices, including risk management and ethical use.

Education 

• Desired: BS or BA degree, preferably in Information Security, Computer Science or equivalent.
• Relevant certifications such as SANS (GPEN, GXPN, GWAPT, GCPN), TCM Security (PNPT, PJPT), Offensive Security (OSCP, OSCE), or equivalent are considered a plus.
• 2-3 years working experience in a related cyber security role.

Responsibilities
The Cybersecurity Engineer – Red Team will be emulating real-world cyber-attacks to assess defences, uncover vulnerabilities, and strengthen organisational security posture.

• Support the Red Team Lead with day-to-day operations and strategy for the team, take end-to-end ownership of red team engagements (with guidance and support as needed).
• Build and maintain offensive security infrastructure for both continuous testing and unannounced exercises.
• Contribute to maintaining Moody’s external security posture by conducting independent security validations.
• Perform technical security testing to assess and validate security posture and related risk; document and communicate findings to senior management.
• Maintain up-to-date knowledge of the cyber threat landscape, including emerging offensive security techniques; regularly produce situational awareness digests and suggest improvements to Moody’s security posture where relevant.
• Participate in cyber security projects and initiatives; provide technical expertise, operational support and testing (e.g. Breach & Attack Simulation, Purple Teaming).
• Assist the Security Operations Centre (SOC) with enhancing capabilities, and the Cyber Incident Response Team (CIRT) with responding to cyber incidents, as required.

About the team
Our Cyber Threat Management team is responsible for proactively identifying, preparing for, responding to, and learning from significant cyber threats. One of the ways we do this is by conducting controlled, intelligence-driven offensive operations, simulating advanced threat scenarios across Moody’s infrastructure. 

By joining our team, you will be part of high-profile engagements, sitting alongside the wider Cyber Security team (e.g. SOC, Threat Intelligence, Engineering), and collaborating globally across the organization to safeguard Moody’s.

#LI-Hybrid

Annual base salary gross: 42,100 EUR  to 67,500 EUR. Applicable to Lithuania candidates: The base salary range represents the low and high end of the Moody’s salary range for this position. Actual salaries will vary and will be based on various factors, such as candidate’s qualifications, skills, and competencies. The salary is one component of Moody’s total compensation package for employees. Other rewards and benefits include the following: Medical, Personal Accident, Life Insurance and Time Off.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet

Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee’s tenure with Moody’s.