At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. 

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Skills and Competencies

• 5+ years of experience in system engineering or a related field.
• Minimum 5 years of experience in the IT industry, preferably in financial services or consulting.
• Expertise in endpoint security tools and technologies, such as EDR, AV, local firewalls, encryption, mobile device management, VPN and proxy
• Workstation and server security such as BitLocker, Windows Defender, and Group Policy, vulnerability management, patch management, and security hardening techniques for endpoints as well as log analysis, event monitoring, and incident response on workstations and servers.
• Familiarity with cloud computing platforms (AWS, Azure, Google Cloud), Cloud Server Security: familiarity with cloud computing platforms (e.g., AWS, Azure, Google Cloud) and their security controls.
• Experience with Microsoft 365 offerings - Endpoint Manager, Intune, and Device Management
• Knowledge of security standards (PCI DSS, HIPAA, NIST, ISO 27001).

Education

BS or BA degree, preferably in engineering, science, or technology; or equivalent work experience.

Functional Responsibilities

• Assist and become subject matter expert on endpoint security products - with a focus on centralized host-based firewall, EDR and privilege management
• Help research, testing and roll-out of new features for existing endpoint security tools
• Enhance automation in areas such as compliance, installation, and reporting
• Assist with creating and updating documentation including standard operating procedures and guides for different audiences - internal team, the Cyber organization, and other IT teams
• Develop, collect, and mature security metrics for IT Risk programs
• Security tool deployment in cloud and on-premise environments
• Provide escalation support for endpoint security tools
• Work with IT teams to develop or enhance processes, provide cross-training, assistance and build relationships
• Assist with compliance, ensuring endpoint tools are properly installed, reporting and fully functional across the organization
• Plan and assist with implementation of security tools for new acquisitions
• Plan and rollout upgrades, perform true-ups and remediation

About the team

The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The

team is responsible for the development, enforcement, and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance)

reporting and the delivery of security services including the company’s Cyber Security program.

Some scheduled weekend work and on-call rotation is expected.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.