Sr Cybersecurity Engineer- Perimeter Security

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. 

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Skills and Competencies

• 3-5 years of solid, diverse work experience in the IT industry, including experience in Network or 3-5 years of experience in at least one of the following Security domains; Application, Endpoint or Network security.
• Hands on experience with cloud technology; AWS, Azure, GCP.
• Strong interpersonal, analytical, problem solving and communication skills.
• Solid understanding of network and security concepts, including PKI and DNS
• Hands on experience with enterprise security solutions such as WAF and DDoS protection; Familiarity of Akamai, Imperva, or Cloudflare is a plus
• Hands-on technical expertise in building security capabilities in code and deploying infrastructure in code
• Proficient scripting skills, i.e., Terraform, PowerShell, Python, Lambda, JavaScript, etc.
• Technical expertise (design and/or implementation) in Cloud Computing technologies
• Ability to quickly assimilate new technologies, tools, internal/external systems, and design frameworks. Strong and broad technology background.
• Ability to think with a security mindset. The successful candidate has a strong Cyber background with depth knowledge of several related key security Domains.
• Excellent written and oral communication skills including the ability to interact directly with customers that do not have an IT background.

Education

BS or BA degree or relevant certifications, preferably in Information Systems, Computer Science, Computer Engineering or equivalent.

Responsibilities

• Optimize perimeter defense by implementing and tuning WAF policies
• Identify attack vectors and new threats and coordinate with the relevant Cybersecurity, Infrastructure and Application teams to ensure defense in depth
• Ensure enforcement of cloud (AWS, Azure) security policies with tools like CloudWatch, Prisma Cloud and others
• Familiarity with Perimeter Security toolsets such as Cloudflare Web Application Firewall (WAF)
• Interpreting the results of penetration tests and security scans to provide risk-based recommendations for remediation
• Collaborate with IT and engineering teams to integrate security best practices into the development and deployment processes.
• Implement and maintain security controls, policies, and procedures to protect cloud environments and data assets.
• Analyze and respond to security incidents, providing timely and effective resolution and root cause analysis.
• Provide expertise in network security, including the design, implementation, and management of secure network architectures.
• Stay updated with the latest cybersecurity trends, threats, and technologies, and apply this knowledge to improve the organization's security posture.
• Coordinating penetration tests for SaaS applications
• Build & deploy security infrastructure and automate security operations for customers
• Assist subject matter experts on range of security products in the Cybersecurity portfolio.
• Develop, collect and mature security metrics for Cyber Risk programs.

About the team

Moody’s is looking for an Sr Cyber Security Engineer to join its growing Cyber Security organization. This is a challenging position requiring deep knowledge of security and network products and concepts. The candidate should be motivated and willing to take on challenges, able to multi-task to succeed and can work independently and with minimal oversight.

The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance) reporting and the delivery of security services including the company’s Cyber Security program.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet

Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee’s tenure with Moody’s.