Sr Cybersecurity Engineer - Threat & Vulnerability Management (100% Remote Throughout US - OR New York OR Charlotte)

Sr Cybersecurity Engineer - Threat & Vulnerability Management (100% Remote Throughout US - OR New York OR Charlotte) Job Description Moody's IT Risk department is looking for an Sr. CyberSecurity Engineer to join its growing organization. This is a challenging position requiring deep knowledge and experience with security standards, threat & vulnerability management, scripting and programming languages for automation. The candidate should be motivated and willing to take on challenges, able to multi-task, collaborate, have strong communication and customer service skills. The Cybersecurity team is globally responsible for tracking security weaknesses and improvements and helping the company applying ever higher security standards. Presentation, interpretation and prioritization of the data are key for targeting improvement efforts.

• Improve operational efficiency of process controls by utilizing automation technologies (scripting and programming languages) including Python scripting language for
  • integrations with SaaS applications using REST APIs and with cloud infrastructure (Amazon Web Services); and
  • parsing XML response and persisting results in database (MS-SQL, Oracle or DB2) in information security domain (vulnerability management and technical security standards compliance monitoring programs)
• Applying a variety of analysis tools to interpret data and identify key learnings and patterns for vulnerability management and technical security standards compliance monitoring programs based on dataset produced by tools like Qualys, Tenable and Prisma Cloud
• Maintaining familiarity with industry trends and security best practices as well as contributing to the Information Security team's continuous improvement efforts
• Proactively driving operational efficiency by automating manual tasks
• Helping identify metrics and KPIs that could be tracked in order to measure the operational efficiency and engineer the respective remediation
• Producing visualizations of data to monitor for developing trends/patterns and highlighting areas of potential improvement
• Assist with creating and updating documentation including standard operating procedures
• Work with IT teams to develop or enhance processes, provide cross-training, assistance and build relationships

• Bachelor's degree in Computer Science, Computer Engineering, or a related IT field.
• 5 years of technical experience utilizing scripting and programming languages for automation
• 3 years of experience must include utilizing Python scripting language to perform integrations with SaaS applications using REST APIs

• Parsing XML response and persisting results in database (MS-SQL, Oracle or DB2)
• Some experience in information security domain (vulnerability management and technical security standards compliance monitoring programs)
• You think with a security mindset. The successful candidate has a strong IT background with in depth knowledge of several key security practice area: access control; application security; network security; security architecture; security strategy
• Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks.
• Working experience with cloud technologies and tools such as AWS and Azure
• Strong working knowledge of Windows Server and Workstation
• Knowledge of PowerShell and/or Python is a plus
• Linux experience and scripting on linux is a plus
• macOS experience is a plus

• Accountable, responsible and takes ownership for supported technologies
• Self-motivated
• Collaborative
• Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background
• Strong reading comprehension skills - must be able to read and carry out actions based on internal and external technical and procedural documentation
• Intermediate to strong organizational skills
• Intermediate presentation skills involving large and of varying IT background audiences.