Sr Cybersecurity Engineer - Perimeter Security

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. 

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Functional Responsibilities

• Optimize perimeter defense by implementing and tuning WAF policies
• Identify attack vectors and new threats and coordinate with the relevant Cybersecurity, Infrastructure and Application teams to ensure defense in depth
• Ensure enforcement of cloud (AWS, Azure) security policies with tools like CloudWatch, Prisma Cloud and others
• Familiarity with Perimeter Security toolsets such as Cloudflare Web Application Firewall (WAF)
• Interpreting the results of penetration tests and security scans to provide risk-based recommendations for remediation
• Collaborate with IT and engineering teams to integrate security best practices into the development and deployment processes.
• Implement and maintain security controls, policies, and procedures to protect cloud environments and data assets.
• Analyze and respond to security incidents, providing timely and effective resolution and root cause analysis.
• Provide expertise in network security, including the design, implementation, and management of secure network architectures.
• Stay updated with the latest cybersecurity trends, threats, and technologies, and apply this knowledge to improve the organization's security posture.
• Coordinating penetration tests for SaaS applications
• Build & deploy security infrastructure and automate security operations for customers
• Assist subject matter experts on range of security products in the Cybersecurity portfolio.
• Develop, collect and mature security metrics for Cyber Risk programs.

Qualifications

• BS or BA degree or relevant certifications, preferably in Information Systems, Computer Science, Computer Engineering or equivalent
• 3-5 years of solid, diverse work experience in the IT industry, including experience in Network or 3-5 years of experience in at least one of the following Security domains; Application, Endpoint or Network security
• Hands on experience with cloud technology; AWS, Azure, GCP

Key Competencies

• Strong interpersonal, analytical, problem solving and communication skills.
• Solid understanding of network and security concepts, including PKI and DNS
• Hands on experience with enterprise security solutions such as WAF and DDoS protection; Familiarity of Akamai, Imperva, or Cloudflare is a plus
• Hands-on technical expertise in building security capabilities in code and deploying infrastructure in code
• Proficient scripting skills, i.e., Terraform, PowerShell, Python, Lambda, JavaScript, etc.
• Technical expertise (design and/or implementation) in Cloud Computing technologies
• Ability to quickly assimilate new technologies, tools, internal/external systems, and design frameworks. Strong and broad technology background.
• Ability to think with a security mindset. The successful candidate has a strong Cyber background with depth knowledge of several related key security Domains.
• Excellent written and oral communication skills including the ability to interact directly with customers that do not have an IT background.

About the Team
The Cybersecurity team is globally responsible for tracking security weaknesses, recommending improvements, and helping the company apply ever higher security standards. The job requires a concentrated and productive relationship with delivery and operation groups across the company.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.