Moody’s Information Risk team is looking for an Senior Cybersecurity Analyst to join its growing organization. The Senior Cybersecurity Analyst will be responsible for continuing the development of a Data Loss Prevention (DLP) and User Behavior Analysis (UBA) program at Moody’s.
The individual will be required to work closely with other members of the Information Risk and Cybersecurity team to set objectives for the DLP and UBA program. The individual will be responsible for the successful delivery of DLP and UBA program activities, as well as operationalizing the program and working with key business stakeholders throughout this process. The role will involve working with project managers at Moody’s to evaluate, deploy, and operationalize DLP and UBA technology. This role will involve working with incident response teams to craft appropriate response procedures for DLP and UBA alerts and reports as well as interfacing with business leaders to identify false positives. The role will involve documenting and implementing processes and procedures associated with DLP and UBA technologies.
This position requires technical background in Information Security practice, and solid communication and organization skills. The successful candidate is very motivated and willing to take on challenges, keen to work with multiple technologies, able to multi-task to succeed and has the ability work independently and with minimal oversight.
The Moody’s Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.
- Provide leadership in the DLP and UBA program at Moody’s and analyze current DLP and UBA capabilities to proactively identify and propose enhancements to the program.
- Lead initiatives to evaluate, choose, implement and provide ownership over DLP and UBA technologies at Moody’s.
- Operationalize DLP and UBA technologies and interface with incident response teams to build alert response procedures for these tools.
- Detect and investigate policy violations, working with other teams for further investigation as appropriate. Ability to exercise sound technical, interpersonal and organizational judgment while evaluating and solving complex problems.
- Feed DLP and UBA data to the Moody’s SEIM platform (Splunk) and build reports and dashboards that serve the goals of the DLP and UBA program.
- Work as part of a wider information security analytics team to improve the security posture of Moody’s.
- Provide guidance and design for email initiatives including email security gateway and cloud email security.
- Provide technical guidance for the operation of the Imperva database security tool.
- Provide leadership in enhancing the security of communication channels at Moody's to reduce the risk of data loss
CyberSecurity Minimum education and work experience required for this position include:
- At least 5 years of experience in IT industry, preferably in a financial services organization.
- Minimum of 3 recent years direct experience with DLP or UBA technologies.
- Expert knowledge of regular expressions and at least one common scripting language (PERL, Python, VB Script).
- Demonstrated advanced knowledge of DLP concepts.
- Demonstrate advanced knowledge of UBA methodologies or anomaly detection concepts.
- Demonstrate a good level of understanding of message flow between enterprise email technologies.
- BS or BA degree, preferably in Computer Science, other sciences, or Mathematics.
- Relevant certifications such as CISSP are a plus.
- Proficiency in a second language is a plus, especially Mandarin, Korean, Japanese or Russian.
- Strong knowledge of regulatory standards that govern Information Security Incident Response and Investigation practices such as state and federal privacy laws, Electronic Communications Privacy Act.
- Hands-on experience with DLP toolsets and DLP capabilities, including creating DLP policies using regular expressions.
- Hands-on experience investigating DLP alerts and working with technology and business units during such investigations.
- Direct experience with modeling user behavior and performing analysis on user behavior using SEIM tools or dedicated UBA technologies.
- Good written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
- Proven ability to work within a large enterprise that spans multiple continents is governed by change management and has a tiered support model.
- Significant knowledge of email flow, email security platforms and cloud email platforms such as Office 365.
- Experience with Imperva database security platform is a plus.
- Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives