- Provide leadership in the DLP and UBA program at Moody’s and analyze current DLP and UBA capabilities to proactively identify and propose enhancements to the program.
- Lead initiatives to evaluate, choose, implement and provide ownership over DLP and UBA technologies at Moody’s.
- Operationalize DLP and UBA technologies and interface with incident response teams to build alert response procedures for these tools.
- Detect and investigate policy violations, working with other teams for further investigation as appropriate. Ability to exercise sound technical, interpersonal and organizational judgment while evaluating and solving complex problems.
- Feed DLP and UBA data to the Moody’s SIEM platform (Splunk) and build reports and dashboards that serve the goals of the DLP and UBA program.
- Work as part of a wider information security analytics team to improve the security posture of Moody’s.
- Provide guidance and design for email initiatives including email security gateway and cloud email security.
- Provide technical guidance for the operation of the Imperva database security tool.
- Provide leadership in enhancing the security of communication channels at Moody's to reduce the risk of data loss.

CyberSecurity

Minimum education and work experience required for this position include:
- At least 5 years of experience in IT industry, preferably in a financial services organization.
- Minimum of 3 recent years direct experience with DLP or UBA technologies.
- Expert knowledge of regular expressions and at least one common scripting language (Perl, Python, VBScript).
- Demonstrated advanced knowledge of DLP concepts.
- Demonstrated advanced knowledge of UBA methodologies or anomaly detection concepts.
- Demonstrated good understanding of message flow between enterprise email technologies.
- BS or BA degree, preferably in Computer Science, other sciences, or Mathematics.
- Relevant certifications such as CISSP are a plus.
- Proficiency in a second language is a plus, especially Mandarin, Korean, Japanese or Russian.
- Strong knowledge of regulatory standards that govern Information Security Incident Response and Investigation practices such as state and federal privacy laws, Electronic Communications Privacy Act.
- Hands-on experience with DLP toolsets and DLP capabilities, including creating DLP policies using regular expressions.
- Hands-on experience investigating DLP alerts and working with technology and business units during such investigations.
- Direct experience with modeling user behavior and performing analysis on user behavior using SIEM tools or dedicated UBA technologies.
- Good written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
- Proven ability to work within a large enterprise that spans multiple continents, is governed by change management, and has a tiered support model.
- Significant knowledge of email flow, email security platforms and cloud email platforms such as Office 365.
- Experience with Imperva database security platform is a plus.
- Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.