Security Engineer
Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Your Team Responsibilities
MSCI is building a world-class information security and IT risk program. We are moving beyond industry best practices and charting a path towards automation and resilience. Our cyber team has met its Board-driven obligations against the NIST cybersecurity framework and we have achieved certifications against ISO 27001:2022 SOC1 SOC2 SOX and other control sets. Our strategy now focuses on attack simulation to improve our defensive and detection capabilities.
Over time we expect the cyber and IT risk regulatory environment to increase in its complexity and rigor. We also expect that cyber threat actors will get more sophisticated. This role will help to shape and drive our approach towards these risks which supports the broader business growth strategy of the firm by building trust with our clients.
This role involves working as a member of the Security Engineering team on key and strategic projects to strengthen our defensive controls. Since we are also simultaneously building new detection capabilities alongside these new defensive controls we expect candidates to work in close collaboration with our Security Operations team hence we highly value strong communication and teamwork.
Successful candidates will have the opportunity to work with different businesses and other departments across MSCI. A candidate Security Engineer will work across architecture governance business and technology groups to advise and build security solutions to improve our posture and reduce risk to the firm and our clients.
Your Key Responsibilities
Support the overall cyber strategy of the firm (using MITRE ATT&CK and D3FEND to improve defensive and detection controls) to address cyber threats.
Implement enterprise-grade controls to address cyber risks.
Use existing tools to identify and analyze security risks and control gaps.
Make recommendations to senior management on how to obtain more value from existing tools and how to reduce risk in an efficient manner.
Advise internal application development (DevOps) stakeholders on how to rebuild applications from scratch assuming a worst-case cyber scenario.
Support occasional client and auditor requests for control evidence in areas where you are a subject matter expert.
At times serve as an internal consultant for matters involving security engineering.
Create design documents implementation guides and other relevant documentation.
Your skills and experience that will help you excel
Be able to constructively influence partners across the organization to accomplish tasks.
Be an organized and thoughtful communicator.
Have a focus on team building and collaboration; we do not want siloed workers.
Have a strong foundation of IT skills (operating systems database network etc.)
Have experience working with software developers and familiarity with modern software development practices.
Have a strong grasp of the MITRE ATT&CK framework.
Have prior experience working in a security operations engineering or architecture role.
Be fluent in scripting languages to collect / analyze data and build reporting dashboards.
Hands-on experience with Linux and Windows operating systems.
Experience building new controls and ensuring that they are effective and sustainable.
Knowledge of major cloud providers and Kubernetes architectures.
Certifications in cloud infrastructure cybersecurity Linux OS are all helpful to demonstrate your knowledge.
At least 4 years of relevant experience.
About MSCI
What we offer you
- Transparent compensation schemes and comprehensive employee benefits tailored to your location ensuring your financial security health and overall wellbeing.
- Flexible working arrangements advanced technology and collaborative workspaces.
- A culture of high performance and innovation where we experiment with new ideas and take responsibility for achieving results.
- A global network of talented colleagues who inspire support and share their expertise to innovate and deliver for our clients.
- Global Orientation program to kickstart your journey followed by access to our platform LinkedIn Learning Pro and tailored learning opportunities for ongoing skills development.
- Multi-directional career paths that offer professional growth and development through new challenges internal mobility and expanded roles.
- We actively nurture an environment that builds a sense of inclusion belonging and connection including eight Employee Resource Groups. All Abilities Asian Support Network Black Leadership Network Climate Action Network Hola! MSCI Pride & Allies Women in Tech and Womens Leadership Forum.
At MSCI we are passionate about what we do and we are inspired by our purpose to power better investment decisions. Youll be part of an industry-leading network of creative curious and entrepreneurial pioneers. This is a space where you can challenge yourself set new standards and perform beyond expectations for yourself our clients and our industry.
MSCI is a leading provider of critical decision support tools and services for the global investment community. With over 50 years of expertise in research data and technology we power better investment decisions by enabling clients to understand and analyze key drivers of risk and return and confidently build more effective portfolios. We create industry-leading research-enhanced solutions that clients use to gain insight into and improve transparency across the investment process.
MSCI Inc. is an equal opportunity employer. It is the policy of the firm to ensure equal employment opportunity without discrimination or harassment on the basis of race color religion creed age sex gender gender identity sexual orientation national origin citizenship disability marital and civil partnership/union status pregnancy (including unlawful discrimination on the basis of a legally protected parental leave) veteran status or any other characteristic protected by law. MSCI is also committed to working with and providing reasonable accommodations to individuals with disabilities. If you are an individual with a disability and would like to request a reasonable accommodation for any part of the application process please email and indicate the specifics of the assistance needed. Please note this e-mail is intended only for individuals who are requesting a reasonable workplace accommodation; it is not intended for other inquiries.
To all recruitment agencies
MSCI does not accept unsolicited CVs/Resumes. Please do not forward CVs/Resumes to any MSCI employee location or website. MSCI is not responsible for any fees related to unsolicited CVs/Resumes.
Note on recruitment scams
We are aware of recruitment scams where fraudsters impersonating MSCI personnel may try and elicit personal information from job seekers. Read our full note on
Employment Type
Full-Time
