Moody’s IT Risk department is looking for an AVP Cyber Security Engineer to join its growing organization. This is a challenging position requiring deep knowledge of security products and networking. The candidate should be motivated and willing to take on challenges, able to multi-task to succeed and have the ability to work independently and with minimal oversight.
The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance) reporting and the delivery of security services including the company’s Cyber Security program.
Act as the Cybersecurity Engineering AVP to Moody’s technology infrastructure teams and outsourcing providers.
Develop Cybersecurity Engineering blueprints and solutions to enable business demand.
Function as the main SME for a range of security products in the CyberSecurity portfolio.
The Cybersecurity engineering AVP will perform the hands on execution of work to enable the various products and service.
The Cybersecurity engineering AVP will create security designs, configure security controls, and validate various work assumptions..
Enhance automation capability across Moody’s Cybersecurity portfolio by developing scripts to automate manual activity.
Develop, collect and mature security metrics for IT Risk programs.
Minimum education and work experience required for this position include:
Minimum 7-12 years of experience in IT industry, preferably in a financial services or consulting organization
BS or BA degree, preferably in technology/business or equivalent
CISSP, SANS or equivalent certifications
Have excellent networking knowledge; be able to collect and analyze packet captures, use web debugging tools like Fiddler to analyze SSO connectivity issues.
Capability to troubleshoot effectively at all OSI layers.
Have development experience writing scripts for security or cloud services
5-7 years prior development experience
5-10 years IT security product experience
Familiar with one or more following: Python, Ruby, Powershell, Lambda, AWS and Azure APIs, Service Now APIs, Terraform.
Familiar with various databases and SQL.
Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks. Strong and broad technology background.
Ability to think with a security mindset. The successful candidate has a strong IT background with in depth knowledge of several key security practice area: access control; application security; network security; security architecture; security strategy
Strong knowledge of engineering design principles, development and secure coding practices.
Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
Strong presentation skills involving large and of varying IT background audiences.
Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model.
For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law.