VP Mgr-Cyber Operations

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. 

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Job Summary: The Vice President of Cyber Operations will lead the Ratings Technology group's efforts in managing and mitigating cyber threats and vulnerabilities. This position will report to the SVP of Global Platform Engineering group. This position requires a seasoned professional with a deep understanding of cyber tools and best practices, as well as the ability to collaborate effectively within the Ratings Technology team as well as the broader cyber organization. The VP of Cyber Operations will serve as the primary security manager for the Ratings Technology group, ensuring robust protection of sensitive data and systems.

Qualifications:

• Minimum of 7 years of experience in cyber operations, with at least 3 years in a leadership role.
• Must have current experience managing a team and leading projects.
• Must have experience facilitating discussions between parties to help them find common ground or a mutually acceptable solution.
• Proven experience in threat and vulnerability management, incident response, and security operations.
• Strong knowledge of cyber tools including GitHub Advanced Security, SNYK, Splunk, Cloudflare, Okta, Prisma Cloud, Wiz, Docker Security and Kubernetes Security and best practices.
• Strong knowledge of industry leading frameworks like ITIL, NIST, etc.
• Excellent communication and interpersonal skills, with the ability to convey complex

Education:

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.

Key Responsibilities:

Threat and Vulnerability Management:

• Develop, implement, and oversee comprehensive threat and vulnerability management programs.
• Govern regular risk assessments and vulnerability scans to identify potential security threats.
• Coordinate with relevant teams to remediate identified vulnerabilities promptly on application code and Infrastructure.

Security Management:

• Serve as the primary security manager for the Ratings Technology group, ensuring adherence to security policies and protocols.
• Develop and enforce security standards and best practices tailored to the needs of the Ratings Technology group.
• Monitor and respond to security incidents, lead investigation process and resolution efforts.

Collaboration:

• Collaborate regularly with the broader cyber organization to align security strategies and share intelligence.
• Work closely with IT, compliance, and other stakeholders to ensure comprehensive security coverage.
• Foster a culture of security awareness and continuous improvement within the Ratings Technology group.

Cyber Tools and Best Practices:

• Maintain a thorough understanding of current and emerging cyber tools, technologies, and methodologies. Including GitHub Advanced Security, SNYK, Splunk, Cloudflare, Okta, Prisma Cloud, Wiz, Docker Security and Kubernetes Security.
• Evaluate and recommend security tools and solutions to enhance the group's security posture.
• Ensure the implementation of industry best practices for cyber security.

Audit and Governance:

• Manage audit and governance processes for the Ratings Technology Platform Engineering group, ensuring compliance with internal policies and regulatory requirements.
• Coordinate with internal and external auditors to facilitate regular security audits and assessments.
• Develop and maintain documentation for audit purposes, including policies, procedures, and evidence of compliance.
• Implement and monitor governance frameworks to ensure ongoing adherence to security and compliance standards.

Communication:

• Communicate effectively with senior leadership, providing regular updates on the security landscape and ongoing initiatives.
• Prepare and deliver reports on security metrics, incidents, and improvement plans.
• Serve as the point of contact for security-related queries and concerns within the Ratings Technology group.

For US-based roles only: the anticipated hiring base salary range for this position is [[$167,000.00 - [[$242,150.00, depending on factors such as experience, education, level, skills, and location. This range is based on a full-time position. In addition to base salary, this role is eligible for incentive compensation. Moody’s also offers a competitive benefits package, including not but limited to medical, dental, vision, parental leave, paid time off, a 401(k) plan with employee and company contribution opportunities, life, disability, and accident insurance, a discounted employee stock purchase plan, and tuition reimbursement.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody’s also provides reasonable accommodation to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email accommodations@moodys.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance.

This position may be considered a promotional opportunity, pursuant to the Colorado Equal Pay for Equal Work Act.

Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination statement. Click here to view our Notice to New York City Applicants.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet

Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee’s tenure with Moody’s.