AVP, Cybersecurity Engineer – Network Security (100% Remote Throughout US) - Charlotte | New York | Remote - 23211BR

Moody's (NYSE: MCO) is a global integrated risk assessment firm that empowers organizations to make better decisions. Our data, analytical solutions and insights help decision-makers identify opportunities and manage the risks of doing business with others. We believe that greater transparency, more informed decisions, and fair access to information open the door to shared progress. With over 11,000 employees in more than 40 countries, Moody's combines international presence with local expertise and over a century of experience in financial markets. Learn more at moodys.com.

At Moody’s, we’re taking action. We’re hiring diverse talent and providing underrepresented groups with equitable opportunities in their careers. We’re educating, empowering and elevating our people, and creating a workplace where each person can be their true selves, reach their full potential and thrive on every level. Learn more about our DE&I initiatives, employee development programs and view our annual DE&I Report at moodys.com/diversity
Moody’s Shared Services are the front line professionals including Finance, Technology, Legal, Compliance and Human Resources, that operationally support our business units. Exceptional Shared Services teams are vital to the international success of our business.


Information Risk and Security (INFORISK) - Cyber Security Services

Job Description

Moody’s is looking for an AVP Cybersecurity Engineer to join its growing Cyber Security organization. This is a challenging position requiring deep knowledge of security and network products and concepts. The candidate should be motivated and willing to take on challenges, able to multi-task to succeed and can work independently and with minimal oversight.

The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance) reporting and the delivery of security services including the company’s Cyber Security program.

Functional Responsibilities
• Support successful delivery of Information Security projects and services for our customers by working directly with key business stakeholders and technology SMEs.
• Provide engineering and operational support for network security products and services (new deployments, hardware refresh/upgrades, migrations, and feature implementation).
• Support the evaluation of security concerns with new and emerging technologies with particular focus on SaaS, PaaS and IaaS specifically MS Azure / AWS.
• Evaluate security controls native to Amazon Web Services, Microsoft Azure and Google Cloud Platform and provide consulting services to business units leveraging cloud technologies.
• Mentor and guide other teams in the organization on network security best practices, security vulnerabilities and implementation/enforcement of the compensating controls.
• Assist with creating security designs and configure security Controls within the Cyber Security Engineering portfolio
• Develop, collect, and mature security metrics for IT Risk programs.


• BS or BA degree or relevant certifications, preferably in Information Systems, Computer Science, Computer Engineering or equivalent
• 5-7 years of solid, diverse work experience in the IT industry, including experience in Network, Cloud or Security engineering technologies:
• Firewalls (Palo Alto preferred)
• Routing and Switching (Cisco, Palo Alto, Juniper)
• Remote Access/VPN Solutions
• Content Filtering
• Automation or Scripting skills, i.e. Ansible, Lambda, SOAR
• SIEM tools, i.e. Splunk
• 3-5 years of experience in at least one of the following Security domains; Application, Endpoint or Network security
• Strong hands on experience with cloud technology; AWS, Azure, GCP
• Working knowledge of DNS, PKI
• Working knowledge of WAF and DDoS solutions is a plus

Key Competencies
• Ability to think with a security mindset. The successful candidate has a strong IT background within depth knowledge of several key security practice area: access control; application security; network security; security architecture; security strategy
• Adaptability and flexibility to work on a variety of assignments as defined by constantly evolving priorities.
• Knowledge of AWS or Azure Cloud technologies, Active Directory, Authentication/Authorization protocols, and Single Sign On technologies.
• Technical expertise (design and/or implementation) with Palo Alto FW’s or other NGFW
• Solid understanding of network and security concepts, including PKI and DNS
• Proficient scripting skills, i.e., PowerShell, Python, Lambda, JavaScript, Bash, Ruby, Perl, etc.
• Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks. Strong and broad technology background.
• Excellent written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
Must be fully vaccinated for COVID-19 (i.e., at least 2 weeks after last dose) and, if hired, present proof of vaccination on start date, as determined by Moody’s.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody’s also provides reasonable accommodation to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email accommodations@moodys.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance.

This position may be considered a promotional opportunity, pursuant to the Colorado Equal Pay for Equal Work Act.

Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination statement.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.