Let's begin! Risk Manager - Cyber Security (9081)
Let's begin! Risk Manager - Cyber Security (9081)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
At Moodys we unite the brightest minds to turn todays risks into tomorrows opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they arewith the freedom to exchange ideas think innovatively and listen to each other and customers in meaningful ways.
If you are excited about this opportunity but do not meet every single requirement please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship lead with curiosity champion diverse perspectives turn inputs into actions and uphold trust through integrity.
Welcome to the Data Estate business unit at Moodys Analytics where we are pioneering the future of data management and analytics in Moodys Analytics. Our mission is to deliver precise timely data with a commitment to innovation.
At Data Estate we focus on enhancing Moodys digital presence and improving customer engagement through innovative data solutions. Our team is dedicated to enforcing and evolving our data quality framework improving transparency into our data assets and strategically growing new and existing information providers. We are committed to ensuring our data is ready for an expanding set of GenAI use cases and maintaining tight alignment with the teams we support.
We are building a resilient data platform that supports our strategic priorities and drives longterm sustainable growth for the business.
Join us at Data Estate and be part of a dynamic team that is shaping the future of data management. We offer a collaborative environment where your contributions will have a meaningful impact on our clients and the industry. If you are passionate about data quality governance and innovation we invite you to explore opportunities with us and help us deliver exceptional results.
Job Summary:The Associate Director will be responsible for supporting the identification assessment and mitigation of cybersecurity risks and vulnerabilities within the organization. This role involves assisting in the development and implementation of cybersecurity frameworks and procedures to ensure the organizations compliance with regulatory requirements and industry best practices. The Associate Director will work closely with senior management business units and other stakeholders to promote a strong risk culture and ensure effective cybersecurity risk management practices.
Responsibilities include:
Assist in the development and implementation of an enterprisewide cybersecurity risk management framework including procedures and tools for identifying assessing monitoring and reporting cybersecurity risks and vulnerabilities.
Support the execution of risk assessments vulnerability assessments and penetration testing to identify potential cybersecurity risks and their impact on the organization.
Provide dedicated security functions in accordance with the needs risk level and plans provided by the corporate security plan
Manage the risk posture regulatory compliancy assurance and the coordination of security plans in conjunction with the Senior Director of Risk Management
Monitor schedule and communicate information security tasks events and trends
Identify monitoring and reporting of risk items to the Senior Director of Risk Management
Develop and report key metrics
Document the application security program (Secure Coding Policies Security Guidelines Best Practices Checklists etc.).
Act as business security champion and mentor and guide and other security analysts
Collaborate with business units and other stakeholders to ensure that cybersecurity risks are effectively managed and mitigated.
Perform other related duties as assigned
Qualifications:
Bachelors degree in Information Assurance Information Security Information Systems or related field preferred
Information Security certifications and Security Product Certifications are desirable
6 years information security experience in a large and complex business environment
3 years experience identifying and remediating application security risks as part of vulnerability assessments and remediation programs
Strong knowledge of the development of application security assessment and code review methodologies.
Strong knowledge of application security vulnerabilities remediation and mitigation techniques and secure coding practices
Working knowledge of automated application security scanning tools such as Qualys Prisma Cloud or other similar commercial solutions.
Working knowledge of manual assessment tools automation scripts and other commercial and open source tools is preferred.
Strong analytical skills to troubleshoot technical problems and determine resolution
Strong knowledge of web technologies (.ASP .NET Java)
Exposure to Application Security Maturity Models
Collaborates effectively with crossfunctional entities across the enterprise
Organizational direction time management problemsolving prioritization goal setting leadership and motivation negotiation interpersonal relations verbal/written communications and human resource management
For USbased roles only: the anticipated hiring base salary range for this position is$118300.00$171700.00 depending on factors such as experience education level skills and location. This range is based on a fulltime position. In addition to base salary this role is eligible for incentive compensation. Moodys also offers a competitive benefits package including not but limited to medical dental vision parental leave paid time off a 401(k) plan with employee and company contribution opportunities life disability and accident insurance a discounted employee stock purchase plan and tuition reimbursement.
Moodys is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color sex gender age religion or creed national origin ancestry citizenship marital or familial statussexual orientation gender identity gender expression genetic information physical or mental disability military or veteran status or any other characteristic protected by law. Moodys also provides reasonable accommodation to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation or need assistance with completing the application process please email . This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
For San Francisco positions qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance.
This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination here to view our Notice to New York City Applicants.
Candidates for Moodys Corporation may be asked to disclose securities holdings pursuant to Moodys Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy including remediation of positions in those holdings as necessary.
For more information on the Securities Trading Program please refer to the STP Quick Reference guide on ComplianceNet
Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employees tenure with Moodys.
Required Experience:
Manager
Employment Type
Full Time
