Senior Cybersecurity Analyst - New York - 9848BR


Moody’s Information Risk team is looking for a Senior Cybersecurity Analyst to join its growing organization. The Senior Cybersecurity Analyst will be responsible for working with Moody’s Cybersecurity’s SIEM platform based on Splunk to design queries that search for anomalies and outliers in order to identify potential security incidents and control failures. The individual will use mathematical and statistical methods to detect security outliers, such as APT communications and/or data exfiltration, as well as trends. In addition, the employee will work with other team members to craft dashboards, reports and alerts in the SIEM system. This position requires a technical background in Information Security practice, and solid communication and organization skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability to work independently and with minimal oversight.
The Moody’s Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.

Functional Responsibilities
  • Work as part of the Cybersecurity Analytics program, mapping threat types to detection strategies, and working with other Cybersecurity teams such as Architecture and Incident Response.
  • Keep current on external and internal threat behaviors. Translate these behaviors into Splunk search language queries in the SIEM platform.
  • Communicate and escalate detected incidents to the cybersecurity Incident Response team.
  • Automate detection and response technologies to improve the overall efficiency of the team.
  • Construct advanced reports, dashboards and alerts using Splunk and operationalize these capabilities with documentation in the form of standard operating procedures.
  • Assist other technical teams in resolution of security incidents and outages related to information security controls, including coordination of information security resources and root cause analysis.
  • Detect and investigate policy violations, correcting or working with Compliance for further investigation as appropriate. Ability to exercise sound technical, interpersonal and organizational judgment while evaluating and solving complex problems.
  • Partner with system owners to identify upcoming end-of-life components, and plan and track their decommissioning.

Cyber Security Services

Minimum education and work experience required for this position include:
  • At least 5 years of experience in the IT industry, preferably in a financial services organization.
  • Minimum of 3 recent years of direct security analytics or big data analysis.
  • Expert knowledge of regular expressions and at least one common scripting language (Perl, Python, VBScript).
  • Demonstrated advanced knowledge of the Splunk search language, search techniques, alerts, dashboard and report building.
  • BS or BA degree, preferably in Computer Science, other sciences, or Mathematics.
  • Relevant certifications such as CISSP are a plus.
  • Proficiency in a second language is a plus, especially Mandarin, Korean, Japanese or Russian.

Key Competencies
  • Strong knowledge of regulatory standards that govern Information Security Incident Response and Investigation practices such as state and federal privacy laws, Electronic Communications Privacy Act.
  • Hands-on experience with SIEM platforms including Splunk. Expert level of familiarity with SIEM search languages, including mathematical and statistical functions.
  • Solid understanding of Indicators of Compromise and other methodologies to detect incident-related anomalies.
  • Must understand and be familiar with modeling security related data concepts, such as net flow, Web browsing, authentication, email flow, etc.
  • Good written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
  • Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model.
  • Reporting and dashboards – must be able to create reports and dashboards that represent significant data findings to both technical and executive audiences.
  • Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise.
  • Must have knowledge and practical experience in the implementation, management and maintenance of monitoring and log management tools.
  • Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.

Moody's is an essential component of the global capital markets, providing credit ratings, research, tools and analysis that contribute to transparent and integrated financial markets. Moody's Corporation (NYSE: MCO) is the parent company of Moody's Investors Service, which provides credit ratings and research covering debt instruments and securities, and Moody's Analytics, which offers leading-edge software, advisory services and research for credit and economic analysis and financial risk management. The Corporation, which reported revenue of $3.5 billion in 2015, employs approximately 10,400 people worldwide and maintains a presence in 36 countries. Further information is available at
Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody’s also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.

MIS and MSS Candidates are asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.