Sr Cybersecurity Engineer - Threat & Vulnerability Management (100% Remote Throughout US)
Job Description Moody's IT Risk department is looking for an Sr. CyberSecurity Engineer to join its growing
organization. This is a challenging position requiring deep knowledge and experience with security standards, threat & vulnerability management, scripting and programming languages for automation. The candidate should be motivated and willing to take on challenges, able to multi-task, collaborate, have strong communication and customer service skills.
The Cybersecurity team is globally responsible for tracking security weaknesses and improvements and helping the company applying ever higher security standards. Presentation, interpretation and prioritization of the data are key for targeting improvement efforts. Functional Responsibilities
- Improve operational efficiency of process controls by utilizing automation technologies (scripting and programming languages) including Python scripting language for
- integrations with SaaS applications using REST APIs and with cloud infrastructure (Amazon Web Services); and
- parsing XML response and persisting results in database (MS-SQL, Oracle or DB2) in information security domain (vulnerability management and technical security standards compliance monitoring programs)
- Applying a variety of analysis tools to interpret data and identify key learnings and patterns for vulnerability management and technical security standards compliance monitoring programs based on dataset produced by tools like Qualys, Tenable and Prisma Cloud
- Maintaining familiarity with industry trends and security best practices as well as contributing to the Information Security team's continuous improvement efforts
- Proactively driving operational efficiency by automating manual tasks
- Helping identify metrics and KPIs that could be tracked in order to measure the operational efficiency and engineer the respective remediation
- Producing visualizations of data to monitor for developing trends/patterns and highlighting areas of potential improvement
- Assist with creating and updating documentation including standard operating procedures
- Work with IT teams to develop or enhance processes, provide cross-training, assistance and build relationships
Desired Skills and Experience: Qualifications
Minimum education and work experience required for this position include:
- Bachelor's degree in Computer Science, Computer Engineering, or a related IT field.
- 5 years of technical experience utilizing scripting and programming languages for automation
- 3 years of experience must include utilizing Python scripting language to perform integrations with SaaS applications using REST APIs
- Parsing XML response and persisting results in database (MS-SQL, Oracle or DB2)
- Some experience in information security domain (vulnerability management and technical security standards compliance monitoring programs)
- You think with a security mindset. The successful candidate has a strong IT background with in depth knowledge of several key security practice area: access control; application security; network security; security architecture; security strategy
- Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks.
- Working experience with cloud technologies and tools such as AWS and Azure
- Strong working knowledge of Windows Server and Workstation
- Knowledge of PowerShell and/or Python is a plus
- Linux experience and scripting on linux is a plus
- macOS experience is a plus
- Accountable, responsible and takes ownership for supported technologies
- Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background
- Strong reading comprehension skills - must be able to read and carry out actions based on internal and external technical and procedural documentation
- Intermediate to strong organizational skills
- Intermediate presentation skills involving large and of varying IT background audiences.
Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody's also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email email@example.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.
For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination statement.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.