VP – Cyber Security Engineer - New York - 16682BR

Moody's is an essential component of the global capital markets, providing credit ratings, research, tools and analysis that contribute to transparent and integrated financial markets. Moody's Corporation (NYSE: MCO) is the parent company of Moody's Investors Service, which provides credit ratings and research covering debt instruments and securities, and Moody's Analytics, which offers leading-edge software, advisory services and research for credit and economic analysis and financial risk management. The Corporation, which reported revenue of $4.4 billion in 2018, employs approximately 13,100 people worldwide and maintains a presence in 42 countries. Further information is available at www.moodys.com.
Moody’s Shared Services are the front line professionals including Finance, Technology, Legal, Compliance and Human Resources, that operationally support our business units. Exceptional Shared Services teams are vital to the international success of our business.


Moody’s IT Risk department is looking for a VP Manager Cyber Security Engineer to join its growing organization. This is a challenging position requiring deep knowledge of security products and networking. The candidate will be responsible for building and managing a staff of cybersecurity engineers.

The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance) reporting and the delivery of security services including the company’s Cyber Security program.

Job Description

  • Responsible for managing a team of cybersecurity engineers.
  • Responsible for Moody’s cybersecurity project deliverables on time and on budget.
  • Partner with technology infrastructure teams and outsourcing providers.
  • Develop, collect and mature security metrics for IT Risk programs.
  • Documenting cybersecurity exceptions and provide mitigations as needed.
  • Provides reviews of cybersecurity engineering design, configuration, and implementations.
  • Maintain blueprints and related documentation for all cybersecurity controls.
  • Provide Engineering support to operations teams and infrastructure teams for upgrades and enhancements to current security technologies.
  • Enhance automation capability across Moody’s Cybersecurity portfolio by developing scripts to automate manual activity.


Minimum education and work experience required for this position include:

  • Preferred 7-12 years of experience in IT industry, preferably in a financial services or consulting organization
  • BS or BA degree, preferably in technology/business or equivalent
  • Prior experience leading or managing cybersecurity engineering teams.
  • CISSP, SANS or equivalent certifications
  • Have excellent networking knowledge; be able to collect and analyze packet captures, use web debugging tools like Fiddler to analyze SSO connectivity issues.
  • Capability to troubleshoot effectively at all OSI layers.
  • Experience with firewall technologies, preferably Palo Alto.
  • Experience with cloud providers, preferably AWS and Azure.
  • Have development experience writing scripts for security controls or cloud services
  • 7+ years IT security product experience

Key Competencies

  • Familiar with one or more following: Python, Ruby, Powershell, Lambda, AWS and Azure APIs, Service Now APIs, Terraform.
  • Familiar with various databases and SQL.
  • Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks. Strong and broad technology background.
  • Ability to think with a security mindset. The successful candidate has a strong IT background with in depth knowledge of several key security practice area: access control; application security; network security; security architecture; security strategy
  • Strong knowledge of application architecture, development and secure coding practices.
  • Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
  • Strong presentation skills involving large and of varying IT background audiences.
  • Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model.
Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody’s also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email accommodations@moodys.com.. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.

Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.