- New York, NY, USA
- Permanent, Full time
Senior Cybersecurity Analyst (Data Loss Prevention & User Behavior Analysis)
Location: New York, NY, USAMoody's Information Risk team is looking for an Senior Cybersecurity Analyst to join its growing organization. The Senior Cybersecurity Analyst will be responsible for continuing the development of a Data Loss Prevention (DLP) and User Behavior Analysis (UBA) program at Moody's.
The individual will be required to work closely with other members of the Information Risk and Cybersecurity team to set objectives for the DLP and UBA program. The individual will be responsible for the successful delivery of DLP and UBA program activities, as well as operationalizing the program and working with key business stakeholders throughout this process. The role will involve working with project managers at Moody's to evaluate, deploy, and operationalize DLP and UBA technology. This role will involve working with incident response teams to craft appropriate response procedures for DLP and UBA alerts and reports as well as interfacing with business leaders to identify false positives. The role will involve documenting and implementing processes and procedures associated with DLP and UBA technologies.
This position requires technical background in Information Security practice, and solid communication and organization skills. The successful candidate is very motivated and willing to take on challenges, keen to work with multiple technologies, able to multi-task to succeed and has the ability work independently and with minimal oversight.
The Moody's Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody's business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.
- Provide leadership in the DLP and UBA program at Moody's and analyze current DLP and UBA capabilities to proactively identify and propose enhancements to the program.
- Lead initiatives to evaluate, choose, implement and provide ownership over DLP and UBA technologies at Moody's.
- Operationalize DLP and UBA technologies and interface with incident response teams to build alert response procedures for these tools.
- Detect and investigate policy violations, working with other teams for further investigation as appropriate. Ability to exercise sound technical, interpersonal and organizational judgment while evaluating and solving complex problems.
- Feed DLP and UBA data to the Moody's SEIM platform (Splunk) and build reports and dashboards that serve the goals of the DLP and UBA program.
- Work as part of a wider information security analytics team to improve the security posture of Moody's.
- Provide guidance and design for email initiatives including email security gateway and cloud email security.
- Provide technical guidance for the operation of the Imperva database security tool.
- Provide leadership in enhancing the security of communication channels at Moody's to reduce the risk of data loss
Required Minimum education and work experience required for this position include:
- At least 5 years of experience in IT industry, preferably in a financial services organization.
- Minimum of 3 recent years direct experience with DLP or UBA technologies.
- Expert knowledge of regular expressions and at least one common scripting language (PERL, Python, VB Script).
- Demonstrated advanced knowledge of DLP concepts.
- Demonstrate advanced knowledge of UBA methodologies or anomaly detection concepts.
- Demonstrate a good level of understanding of message flow between enterprise email technologies.
- BS or BA degree, preferably in Computer Science, other sciences, or Mathematics.
- Relevant certifications such as CISSP are a plus.
- Proficiency in a second language is a plus, especially Mandarin, Korean, Japanese or Russian.
- Strong knowledge of regulatory standards that govern Information Security Incident Response and Investigation practices such as state and federal privacy laws, Electronic Communications Privacy Act.
- Hands-on experience with DLP toolsets and DLP capabilities, including creating DLP policies using regular expressions.
- Hands-on experience investigating DLP alerts and working with technology and business units during such investigations.
- Direct experience with modeling user behavior and performing analysis on user behavior using SEIM tools or dedicated UBA technologies.
- Good written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
- Proven ability to work within a large enterprise that spans multiple continents is governed by change management and has a tiered support model.
- Significant knowledge of email flow, email security platforms and cloud email platforms such as Office 365.
- Experience with Imperva database security platform is a plus.
- Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives
Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody's also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email email@example.com.. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.
For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.