Senior Cybersecurity Analyst – SOC (Security Operations Centre)
Moody's Information Risk & Security is looking for a Senior Cybersecurity Analyst to join its growing organization and be part of its in-house Security Operations Centre (SOC). This is a position requiring a good technical background in Information Security practice, good knowledge of IT Security threats and solid communication and organizational skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work with the team to tackle incoming alerts.
The Moody's Information Risk & Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody's business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Risk & Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.
The Senior Cybersecurity Analyst will be responsible for the handling, and escalation of, alerts which require technical triage and analysis. This may include web attacks, malware infections, and phishing campaigns, which have been identified by the Information Risk & Security team's technology stack. Functional Responsibilities
- Experience Monitoring SIEM solutions and a variety of other security devices found in a SOC environment (e.g. Behavioral Analytics tools, IDS/IPS, log management tools, and security analytics platforms.
- Creating and maintaining documentation for security event processing.
- Acknowledge and handle the incoming security alerts.
- Use the internal ticketing system and dashboards to update the tickets/alerts accordingly and escalating them to the appropriate teams if necessary.
- Assist the Incident Response team on alerts escalated to them by the SOC team.
- Develop/Update and follow Standard Operating Procedures (SOPs) and Playbooks to handle standard and out-of-band alerts.
- Report to the Incident Response Team quickly and efficiently regarding urgent matters.
- Ensure ticket queues are always within satisfactory limits and all tickets are updated.
- Provide On-Call Support for emergency or high severity issues.
- Liaise with partner teams and end-users for security related tickets and activities.
Minimum education and work experience required for this position include:
- Excellent verbal and written communication skills.
- Excellent analytical and problem solving skills required.
- Substantial experience in a SOC or Cybersecurity.
- Equivalent BSc in IT Security.
- Equivalent Certifications (Network+, Security+, CySA+, GSEC, GMON, etc.)
- Experience working with SIEMs and evaluating SIEM alerts.
- Experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)
- Ability to think with a security mindset. The successful candidate has a good IT background with good level knowledge of multiple relevant security practice areas (anti-malware solutions, patch and vulnerability management, network security; monitoring; endpoint, etc.)
- Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
- Good knowledge of various security tools and monitoring devices; e.g. able to read and understand IDS/IPS/Firewall/Proxy logs and determine the current state of play.
- Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise.
- Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.
- Experience in large, geographically diverse enterprise networks.
- Ability to build lasting relationships with partner teams and stakeholders.
- Strong written and oral communication skills, including the ability to interact directly with customers that do not have an IT background.
- Documentation; experience in writing reports and documenting tickets efficiently and accurately.
Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.