Moody’s IT Risk department is looking for a Cloud Security Engineer to join its growing organization. This is a challenging position requiring development and automation experience, and a deep knowledge of IT Risk solutions. The candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability to work independently and with minimal oversight.
The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for the development, enforcement, and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance) reporting and the delivery of security services including the company’s Cyber Security program.
· Develop and maintain automation scripts and code to support IT Risk and Cloud programs.
· Act as the Cybersecurity SME to Moody’s technology infrastructure teams and outsourcing providers.
· Documenting Cybersecurity exceptions and working with senior Cybersecurity team members to update procedures where appropriate.
· Function as lead engineer for several IT Risk projects. The lead engineer provides security design, configuration, implementation, burn-in, and transition to operations, of security technologies.
· Provide Engineering support to operations teams and infrastructure teams for upgrades and enhancements to current security technologies.
· Provide security engineering design and implementation expertise for Infrastructure and Moody’s Analytics projects, making sure that security requirements are fulfilled and escalating issues where necessary.
· Develop, collect and mature security metrics for IT Risk programs.
Cyber Security Services Minimum education and work experience required for this position include:
·Minimum 5-7 years of experience in IT industry, preferably in Financial services or consulting organization
·BS or BA degree, preferably in technology/business or equivalent
· Experience with Agile/Scrum
·3-5 years prior development experience
·5-7 years IT security product experience
·Familiar with one or more following: Java, Python, Ruby, AWS and Azure APIs, Service Now APIs Terraform, Ansible.
·Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks. Strong and broad technology background.
·Ability to think with a security mindset. The successful candidate has a strong IT background with in-depth knowledge of several key security practice area: access control; application security; network security; security architecture; security strategy
·Strong knowledge of application architecture, development, and secure coding practices.
·Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
·Strong presentation skills involving large and of varying IT background audiences.
·Proven ability to work within a large enterprise that spans multiple continents is governed by change management and has a tiered support model.