Senior Cybersecurity Analyst – Incident Response (100% Remote Throughout US – OR New York OR Charlotte)
Company Location: New York City, NY, US
Industry: Financial Services
Employment Type: Full-time
Moody’s Information Risk & Security is looking for a Senior Cybersecurity Analyst to join its growing organization. This position requires a strong technical background in Information Security practice, deep knowledge of IT Security Forensics and Investigations, Anti-Malware and Advanced Threat Protection solutions, and solid communication and organizational skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work independently and with minimal oversight.
The Moody’s Information Risk & Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Risk & Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.
The Senior Cybersecurity Analyst will be responsible for handling, and escalation of, incidents which require highly technical analysis, such as network intrusions and advanced malware infections which have been identified by the Information Risk & Security team.
- Analyze, correlate and action on data from subscription and public cyber intelligence services, develop tactics to combat future threats, and invoke the Incident Response Plan if necessary.
- Provide timely review of security alerts originating from any source, including managed security services, internal tools, and internal or external reporting.
- Analyze and respond to security events in alignment with the Incident Response Plan and its procedures.
- Perform forensic review of systems in response to incidents or investigations, providing timely and complete reports to management.
- Keep abreast of current security threats, events, technologies, vendors and other aspects of the cyber threat landscape. Propose changes or enhancements to our security posture where appropriate.
- Investigate security incidents and events, using SIEM and other tools; collect evidence and work with teams to isolate and/or remediate as necessary.
- Communicate and escalate incidents to management in accordance with the Incident Response Plan.
- Work with third party security monitoring firms to research and respond to incidents.
- Monitor security tools alerts for anomalous or suspicious activity; research alerts and make recommendations to remediate concerns.
- Respond to Electronic Discovery requests in a timely and accurate manner, as requested by the Human Resources, Legal and Compliance teams.
Minimum education and work experience required for this position include:
- At least 5 years of IT industry experience, preferably in a financial services organization.
- Minimum of 3 recent years direct incident management/handling.
- Security Incident Response tools knowledge
- Experience in cyber incident handling
- Networking fundamentals including network forensics.
- Anti-Malware and Advanced Threat Protection solutions.
- Electronic Discovery (E-Discovery).
- Endpoint Security.
- Extensive knowledge and hands-on experience with SIEM technologies and other forensics, evidence collection, and incident remediation tools.
- Knowledge of regular expressions and at least one common scripting language (e.g. PERL, Python, PowerShell).
- BS or BA degree, preferably in technology.
- Relevant certifications such as GCIH, GCFE, GCFA, or CISSP are considered a plus.
- Ability to think with a security mindset. The successful candidate has a strong IT background with knowledge of multiple relevant security practice areas (anti-malware solutions, network security; monitoring; endpoint, etc.) in addition to forensics and incident management.
- Hands-on experience with forensics tools and techniques, such as file carving, disk imaging and write blockers.
- Extensive knowledge of security tools which perform functions such as intrusion detection and prevention (IDS/IPS), SOAR, and log archiving.
- Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise.
- Experience in digital forensics technology, procedures and processes, as well as a solid understanding of the NIST Incident Handling Guidelines (800-61r2).
- Ability to work in a time-sensitive environment; must be detail oriented and able to multitask.
- Experience in large, geographically diverse enterprise networks.
- Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
LOB/Department: Information Risk & Security
Job Req ID: 18804BR
Entity: Moody’s Shared Services (MSS)
Line of Business: Information Risk and Security (INFORISK)
City: Charlotte, New York
Job Category: Engineering & Technology
Job Sub Category: Information Security
Working at Moody’s
Moody’s (NYSE: MCO) is a global integrated risk assessment firm that empowers organizations to make better decisions. Our data, analytical solutions and insights help decision-makers identify opportunities and manage the risks of doing business with others. We believe that greater transparency, more informed decisions, and fair access to information open the door to shared progress. With over 11,000 employees in more than 40 countries, Moody’s combines international presence with local expertise and over a century of experience in financial markets. Learn more at moodys.com.
Moody’s Shared Services are the front line professionals including Finance, Technology, Legal, Compliance and Human Resources, that operationally support our business units. Exceptional Shared Services teams are vital to the international success of our business.
Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody’s also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email [email protected] .. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.
For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law.
Securities Trading Policy (STP)
Candidates for Moody’s Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.