Skills and Competencies:
• Solid understanding of fundamental cybersecurity and networking concepts and terminology; e.g. protocols, ports, processes, OWASP, MITRE ATT&CK, NIST, CIS, etc.
• Excellent analytical and problem-solving skills; able to think outside the box and ask probing questions to identify root cause and risk exposure.
• Excellent verbal and written communication skills; articulate and visually present technical information to a non-technical audience, build lasting relationships with stakeholders.
• Ability to work independently with minimal supervision; timely and accurate delivery of assigned tasks, seeking help from peers or supervisor(s) as and when required.
• Ability to work in a time-sensitive environment, remain calm under pressure, maintain composure, follow processes, and purposefully prioritize to meet deadlines.
• Experience in digital forensics technology, procedures, and processes, and the ability to talk confidently about each stage of the Cyber Incident Response Lifecycle (NIST/SANS).
• A can-do attitude; comfortable ‘wearing many hats’ and demonstrating focus and proactiveness to get the job done, with a strong desire to learn and develop your skills.
Education:
• Desired: BS or MS degree, preferably in Technology, Computer Science or Cybersecurity.
• Relevant certifications from GIAC (e.g. GCIH, GCFA, GCFE), ISC2 (e.g. CISSP), ISACA (e.g. CISM) or other industry-recognized certification bodies considered a plus.
• 3-5 years working in a similar cyber security role.
Responsibilities:
• Deliver timely review and response of security events or investigations escalated by the SOC or other internal or external sources; invoke Incident Response Plan where necessary.
• Provide on-call support for emergency or high severity issues, communicate and escalate incidents to management in accordance with the Incident Response Plan.
• Participate in cyber security projects and initiatives; provide technical expertise, operational support and testing (e.g. Threat Intelligence, Cyber Deception, Purple Teaming).
• Keep abreast of current security threats, events, technologies, vendors and other aspects of the cyber threat landscape; drive enhancements to our security posture where appropriate.
• Perform forensic review of systems in response to incidents or investigations, write and test playbooks for common incident response scenarios, participate in cyber tabletop exercises.
In a world shaped by increasingly interconnected risks, Moody's helps customers develop a holistic view of these risks to advance their business and act decisively. With a rich history of expertise in global markets and a diverse workforce in more than 40 countries, Moody's unites the brightest minds to turn today's risks into tomorrow's opportunities.