Sr. CyberSecurity Engineer – Endpoint Security
Moody's IT Risk department is looking for an Sr. CyberSecurity Engineer to join its growing
organization. This is a challenging position requiring deep knowledge and experience with engineering, design, implementation and support of endpoint security products deployed in a large enterprise. The candidate should be motivated and willing to take on challenges, able to multi-task, collaborate, have strong communication and customer service skills.
The Cybersecurity team is globally responsible for helping the organization balance risk by
aligning policies and procedures with Moody's business and regulatory requirements. The
team is responsible for the development, enforcement and monitoring of security controls,
policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance)
reporting and the delivery of security services including the company's Cyber Security
• Assist and become subject matter expert on a range of endpoint security products in the Cybersecurity portfolio - including EDR and encryption
• Research and recommend new features for existing endpoint security tools
• Enhance automation in areas such as compliance, installation and reporting
• Assist with creating and updating documentation including standard operating procedures and guides for different audiences - internal team, InfoRisk, and IT teams
• Develop, collect and mature security metrics for IT Risk programs
• Security tool deployment in Cloud and On-Premise environments
• Provide escalation support for endpoint security tools
• Work with IT teams to develop or enhance processes, provide cross-training, assistance and build relationships
• Assist with compliance, ensuring endpoint tools are properly installed, reporting and fully functional across the organization
• Plan and assist with implementation of security tools for new acquisitions
• Plan and rollout upgrades, perform true-ups and remediation
• Some scheduled weekend work and on-call rotation expected
Minimum education and work experience required for this position include:
• Minimum 7-12 years of experience in IT industry, preferably in a financial service or consulting organization
• 3-7 years IT engineering experience with security tools and technologies
• Strong analytical skills to troubleshoot effectively with minimal assistance
• BS or BA degree, preferably in engineering, science or technology
• Strong background implementing and supporting endpoint security technologies such as EDR, AV, local firewalls, encryption, VPN and proxy; preferably with CrowdStrike Falcon, Symantec Endpoint Protection and BitLocker.
• Thinks with a security mindset. The successful candidate has a strong IT background with in depth knowledge of several key security practice area: access control; application security; network security; security architecture; security strategy
• Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks.
• Working experience with cloud technologies such as AWS and Azure
• Automation or scripting experience
• Broad technical background including understanding of networking, firewalls, servers, workstations and Active Directory
• Strong working knowledge of Windows Server and Workstation
• Linux experience a big plus
• macOS experience a plus
• Accountable, responsible and takes ownership for supported technologies
• Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background
• Strong reading comprehension skills - must be able to read and carry out actions based on internal and external technical and procedural documentation
• Intermediate to strong organizational skills
• Intermediate presentation skills involving large and of varying IT background audiences.
Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.