• Competitive
  • Edinburgh, Scotland, United Kingdom
  • Permanent, Full time
  • Moody's
  • 26 Sep 17

Senior Cybersecurity Analyst

Location: Edinburgh, Scotland, United Kingdom

The Senior Cybersecurity Analyst will have hands-on experience in one or more general IT and specific Information Risk & Security areas to provide guidance to other IT personnel:

  • Security Incident Response and Threat Management.
  • Networking fundamentals including Network Forensics.
  • Patch and Vulnerability management.
  • Endpoint security.
  • Anti-malware and advanced threat protection solutions.
  • Network vulnerability scanning tools.

Key Competencies

  • Ability to think with a security mindset. The successful candidate has a strong IT background with expert level knowledge of multiple relevant security practice areas (anti-malware solutions, patch and vulnerability management, network security; monitoring; endpoint, etc.) in addition to forensics and incident management.
  • Hands-on experience with forensics tools and techniques, such as file carving, disk imaging and write blockers.
  • Extensive knowledge of security tools which perform functions such as intrusion detection and prevention (IDS/IPS), vulnerability scanning, software deployment, and log archiving. A wide range of experience in these tools, from hands-on configuration and operation, to high level design and architecture is preferred.
  • Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise.
  • Experience in forensics technology, procedures and processes.
  • Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives
  • Experience in large, geographically diverse enterprise networks
  • Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
  • Documentation; experience in writing functional requirements and procedure documents.

The Moody's Information Risk & Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody's business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Risk & Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.

Minimum education and work experience required for this position include:
  • At least 5-7 years of IT industry experience, preferably in a financial services organization.
  • Minimum of 3 recent years direct incident management and forensics experience.
  • Extensive knowledge and hands-on experience with SIEM technologies and other forensics, evidence collection, and incident remediation tools.
  • Experience setting up, using and managing scanning tools is considered a plus.
  • Knowledge of regular expressions and at least one common scripting language (e.g. PERL, Python, PowerShell).
  • BS or BA degree, preferably in technology.
  • Relevant certifications such as GCFE, GCFA, GCIH, or CISSP are considered a plus.

Moody's is an essential component of the global capital markets, providing credit ratings, research, tools and analysis that contribute to transparent and integrated financial markets. Moody's Corporation (NYSE: MCO) is the parent company of Moody's Investors Service, which provides credit ratings and research covering debt instruments and securities, and Moody's Analytics, which offers leading-edge software, advisory services and research for credit and economic analysis and financial risk management. The Corporation, which reported revenue of $3.6 billion in 2016, employs approximately 10,700 people worldwide and maintains a presence in 36 countries. Further information is available at www.moodys.com.

Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation or any other characteristic protected by law.

MIS and MSS Candidates are asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.