Job Description

Location(s):

MIS Support Center, 4th floor, East Tower, Eurocenter Business Center, in front of Cenada, Heredia, 40104, CR

Line Of Business: CYBERSECURITY(CSG)

Job Category:

Engineering & Technology

Experience Level: Experienced Hire

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. 

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Skills and Competencies.

3-5 years of Cybersecurity Engineering experience within an Enterprise environment.Functional understanding of network security technologies, including Defense in Depth concepts.Excellent problem-solving skills and the ability to think critically and strategically about security issues.Strong communication and collaboration skills, with the ability to work effectively in cross-functional teams.1 or more preferred certifications including CISSP, CISA, CEH, GSEC, or CRISC. Strong interpersonal, analytical, problem solving and communication skills.Prior experience in a global organization working within a Team environment. Excellent written and oral communication skills; including the ability to interact directly with non-technical internal customers.

Education

BS or BA degree or relevant certifications, preferably in Information Systems, Computer Science, Computer Engineering or equivalent.

Responsibilities

Proficient with Vulnerability Management Solutions. Experience with Cloud Security Posture Management platforms related to AWS, Azure, or GCP.Expertise in identifying and assessing Cybersecurity risks for Networks, Operating Systems, Applications, and Public Cloud environments. The ability to analyze, prioritize findings, and provide recommendations for remediation. The ability to use and apply security tools (e.g., vulnerability scanner, perimeter scanning, agents) to analyze and correlate incident data to identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities. Understanding of Windows and Unix/Linux Operating Systems, endpoint applications, networking protocols, and devices. Knowledge of vulnerability NIST, CVSS scoring, CWE, MITRE, OWASP, and CIS Benchmarks. Experience with cloud environments across Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP). An ability to interpret results of penetration tests and security scans to provide recommendations for remediation.Develop, collect, and mature security metrics for Cyber Risk Programs.Proficient in Microsoft Office Applications with a focus on data analytics or PowerBi. Proficient scripting skills, primarily API automation and Python.

About the team

Moody’s is looking for a Senior Cybersecurity Engineer to join its growing Cybersecurity organization. This is a challenging position requiring deep knowledge of Cybersecurity, Vulnerability Management, and Cloud Security Posture Management products and concepts. The candidate should be motivated and willing to take on challenges, able to multi-task to succeed, and be able to work independently and with minimal oversight.

The Moody’s Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for developing, enforcing, and monitoring security controls, policies, and procedures, Network and Perimeter security programs, GRC (Governance, Risk, and Compliance) reporting, and delivering security services including the company’s Cybersecurity program.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet

Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee’s tenure with Moody’s.