Moody's AnalyticsRemote
Sr Cybersecurity Engineer
United States of America
Full Time
7 hours ago
$147,000 - $192,000 USD
H1B Sponsor Likely
Key skills
JavaScriptC#CSQL.NETAnalyticsAngularJSASP.NETPostgreSQLSQL ServerRisk ManagementSnykOWASPPenetration Testing
About this role
Moody's Analytics is a global leader in ratings and integrated risk assessment, focusing on transforming how the world sees risk. They are seeking a Senior Cybersecurity Engineer to perform dynamic and static testing, provide recommendations on security mitigations, and collaborate with development teams to enhance security practices across the organization.
Responsibilities:
- Perform dynamic/static testing using various tools, provide recommendations and guidance on mitigations, and validate issue remediation
- Maintain detailed evidence documentation throughout process
- Communicate software vulnerabilities and mitigation options to stakeholders that balance business agility with security
- Partner with developer teams to meet security objectives through training and integrating vendors or building solutions for software development processes
- Establish polices and standards to guide builders to meet security requirements
- Collaborate with colleagues from Cybersecurity Architecture & Assurance, Security Operations, and IT Development in the testing and remediation process, including resolution of issues stemming from risk assessments and third-party penetration testing
- Support dynamic/static testing using various tools, provide recommendations and guidance on mitigations, and validate issue remediation
- Maintain detailed evidence documentation throughout processes to support compliance obligations
- Hold meetings and communicate software vulnerabilities and mitigation options to stakeholders that balance business agility with security
- Work with developer teams to meet security objectives through training and integrating vendor solutions or building secure solutions into software development processes
- Develop strategies to identify, assess, and mitigate security risks across the organization
- Collaborate with IT and engineering teams to integrate security best practices into the development and deployment processes
Requirements:
- Requires a Master's degree or foreign equivalent in Cybersecurity, Information Technology, Computer Information Systems, or a closely related technical field plus at least two (2) years of experience as an Analyst, Engineer, or in a related position performing information security risk management and architecture review
- Must have experience with the following: designing, developing, and deploying security technology and controls, including identifying and selecting vendors that meet security and business requirements
- performing forensic analysis and resolving incidents related to cyber-attacks, including reviewing information security resources and performing root cause analysis
- applying knowledge and support of various cyber security tools, platforms and processes
- assisting in defining technical requirements and process enhancements based on an evolving threat landscape
- working with BurpSuite, OWASP ZAP, Fiddler, Veracode, Snyk, HP Fortify, Dependency Checker, .Net (ASP.Net /C#), JavaScript, AngularJS, and SQL Server/Postgresql