The Moody’s Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business requirements. The team has global responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Cybersecurity team sets strategic direction for security within the organization and aligns with stakeholders throughout the company. The team is responsible for key programs including Cybersecurity Operations, Engineering, Patch and Vulnerability Management, Data Loss Prevention, Access Control, Threat Management, Security Monitoring and Incident Response.
The Senior Cybersecurity Engineer - Operations will maintain system health, configuration, perform changes, upgrades, patching and recommend new technologies, for Moody’s cybersecurity systems such as firewalls, proxies, single sign-on, VPN, etc. The individual will also assist teams responsible for executing projects, providing guidance on how to integrate new technologies and solutions into the operational environment. The successful candidate will have a strong background in the areas of business process and service desk ticketing systems, security best practices standards (ISO, NIST, COBIT), and audit and regulatory frameworks such as SOX. Strong documentation skills are also crucial to being successful in this role.
- Function as lead Cybersecurity Operations engineer for several security systems (e.g. single sign-on, internet certificate issuance, endpoint anti-malware, endpoint encryption) and backup for other systems (firewall, VPN, content filtering, wireless network access). Maintain system health, monitoring, patch levels and vulnerability management, as well as end of life management.
- Assist in the maintenance of the Log Archiving (Splunk) platform. Work alongside the Splunk operations team, following up on incidents, designing and implementing enhancements, and providing reports to management which include meaningful metrics.
- Provide Cybersecurity operational support to infrastructure teams for upgrades and enhancements to current securitytechnologies.
- Keeps abreast of current technologies in cybersecurity, making recommendations for changes or upgrades, enhancements and presenting proposals to management and other team members.
- Produce and maintain operational processes and procedures for use by all support personnel
- Work within current change management processes to apply system updates and patches, provide support for supported security tools.
- Remain up to date with current attack methods and characteristics in order to identify threats in support during incidents.
- Maintain and grow our current and future partner relationships.
- Carry out triage on raised incidents and support the incident management process.
- Maintain and align Moody’s Information Security policies and standards with industry best practices and business needs.
Information Risk and Security Qualifications:
Minimum education and work experience required for this position include:
- Minimum of 2 plus years of experience in the IT industry and at least 1 year of experience in Information Security or closely related fields.
- Expertise in design documentation and tools, such as Microsoft Visio.
- BS or BA degree, preferably in technology/business or equivalent.
- Relevant certifications such as CISSP, CISM or PMP are a plus.
- Ability to think with a security mindset. The successful candidate has a strong IT background with expert level knowledge of a key security practice area: access control; application security; networksecurity; monitoring; endpoint; etc.
- Understanding of regulatory standards that govern Information Security practices such as SOX, PCI, and state and federal privacy laws.
- Experience working with Microsoft Windows in an Active Directory environment, including group-based security and group policy.
- Knowledge of TCP/IPnetworking including basic firewall and packet filtering concepts.
- Experience with ISO-27002, NIST and/or SANS CSC aligned security program.
- Working knowledge of Splunk as both a user (searching, reporting, alerting) and an administrator.
- Experience with shell scripting or PowerShell a plus.