(Enter skills, job title, etc.)

Cybersecurity Engineer - Operations

Job Title:

Cybersecurity Engineer - Operations

Location:

New York, NY

Industry:

Information Technology

Job Description:

Role/Responsibilities:

Moody’s Information Risk & Security is looking for a Senior Cybersecurity Engineer - Operations to join its growing organization. This is a challenging position requiring a strong background in Information Security practice, deep knowledge of Information Security standards, best practices, technologies and processes, as well as solid communication and organization skills. The candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work independently and with minimal oversight.

The Moody’s Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business requirements. The team has global responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Cybersecurity team sets strategic direction for security within the organization and aligns with stakeholders throughout the company. The team is responsible for key programs including Cybersecurity Operations, Engineering, Patch and Vulnerability Management, Data Loss Prevention, Access Control, Threat Management, Security Monitoring and Incident Response.

The Senior Cybersecurity Engineer - Operations will maintain system health, configuration, perform changes, upgrades, patching and recommend new technologies, for Moody’s cybersecurity systems such as firewalls, proxies, single sign-on, VPN, etc. The individual will also assist teams responsible for executing projects, providing guidance on how to integrate new technologies and solutions into the operational environment. The successful candidate will have a strong background in the areas of business process and service desk ticketing systems, security best practices standards (ISO, NIST, COBIT), and audit and regulatory frameworks such as SOX. Strong documentation skills are also crucial to being successful in this role.

Functional Responsibilities

  • Function as lead Cybersecurity Operations engineer for several security systems (e.g. single sign-on, internet certificate issuance, endpoint anti-malware, endpoint encryption) and backup for other systems (firewall, VPN, content filtering, wireless network access). Maintain system health, monitoring, patch levels and vulnerability management, as well as end of life management.
  • Assist in the maintenance of the Log Archiving (Splunk) platform. Work alongside the Splunk operations team, following up on incidents, designing and implementing enhancements, and providing reports to management which include meaningful metrics.
  • Provide Cybersecurity operational support to infrastructure teams for upgrades and enhancements to current security technologies.
  • Keeps abreast of current technologies in cybersecurity, making recommendations for changes or upgrades, enhancements and presenting proposals to management and other team members.
  • Produce and maintain operational processes and procedures for use by all support personnel
  • Work within current change management processes to apply system updates and patches, provide support for supported security tools.
  • Remain up to date with current attack methods and characteristics in order to identify threats in support during incidents.
  • Maintain and grow our current and future partner relationships.
  • Carry out triage on raised incidents and support the incident management process.
  • Maintain and align Moody’s Information Security policies and standards with industry best practices and business needs.

 

Job Requirements:

  Qualifications:

Minimum education and work experience required for this position include: 
  • Minimum of 2 plus years of experience in the IT industry and at least 1 year of experience in Information Security or closely related fields.
  • Expertise in design documentation and tools, such as Microsoft Visio.
  • BS or BA degree, preferably in technology/business or equivalent.
  • Relevant certifications such as CISSP, CISM or PMP are a plus.
  • Ability to think with a security mindset. The successful candidate has a strong IT background with expert level knowledge of a key security practice area: access control; application security; network security; monitoring; endpoint; etc.
  • Understanding of regulatory standards that govern Information Security practices such as SOX, PCI, and state and federal privacy laws.
  • Experience working with Microsoft Windows in an Active Directory environment, including group-based security and group policy.
  • Knowledge of TCP/IP networking including basic firewall and packet filtering concepts.
  • Experience with ISO-27002, NIST and/or SANS CSC aligned security program.
  • Working knowledge of Splunk as both a user (searching, reporting, alerting) and an administrator.
  • Experience with shell scripting or PowerShell a plus.


  • Key Competencies
    • Thinking with a security mindset. The successful candidate has a strong IT background with in depth knowledge of several key security practice areas: identity and access management; application security; audit and regulatory; security operations.
    • Ability to maintain a high performing, motivated team, and adapt direction to accommodate changes in priorities.
    • Process driven approach to managing security controls and customer touch points.
    • Ability to analyze complex problems in a methodical manner and work through to resolution.
    • Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
    • Strong presentation skills involving large and of varying IT background audiences
    • Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model.

 

Tip of the Week


Make sure your LinkedIn profile is identical or similar to your resume. Consistency is key!

 

View Starpoint's Top Tips.

Send Us Your Resume


Let Starpoint's expert recruiters help you land your next job.

 

Submit Your Resume

@Starpoint_Jobs