• Competitive
  • Gurgaon, Haryana, India
  • Permanent, Full time
  • Moody's
  • 2019-03-23

Cybersecurity Engineer

Location: Gurgaon, Haryana, India

Moody's IT Risk is looking for a Developer of Cybersecurity Access Management to join its growing organization. This is a challenging position requiring a strong background in Information Security practice, deep knowledge of Information Security standards, best practices, technologies and processes, as well as solid communication and organization skills. The candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work independently and with minimal oversight.

The Moody's Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody's business requirements. The team has global responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Cybersecurity team sets strategic direction for security within the organization and aligns with stakeholders throughout the company. The team is responsible for key programs including Cybersecurity Operations, Engineering, Patch and Vulnerability Management, Data Loss Prevention, Access Control, Threat Management, Security Monitoring and Incident Response.

The Developer - Cybersecurity Access Management will be responsible for the build and delivery of the future state Identity and Access Management (IAM) strategy for Moody's. With direction from the VP, evaluate and recommend IAM solutions to support the IAM strategy. This includes identifying opportunities for automation and standardization for the user lifecycle provisioning, de-provisioning, entitlement review and auditing processes across all technology layers. The Developer will participate as an Architect to projects assisting teams in defining their IAM needs, provide guidance on the technical aspects of the IAM integration and will assist technical teams for complex problem analysis. The successful candidate will have a strong background in the areas of Identity and Access Management, security access automation technologies, business process and service desk ticketing systems, awareness of security best practices standards (ISO, NIST, COBIT), audit and regulatory frameworks such as SOX as well as ITIL processes. Strong documentation skills are also crucial to successful process and project delivery.

Functional Responsibilities
• Design and Develop SailPoint IdentityIQ 7.0+ (workflows, connectors, entitlements, certifications) involving coding in Java Bean shell
• Provide identity management consulting services including client interaction, design, build and implementation
• Work with the client's application developers and IT operations to develop, test, and roll out SailPoint connectors for application integrations.
• Ability to interact with users, customers, and other stakeholders to understand and document their needs
• Demonstrated ability to gather IAM solution business and technical requirements and develop functions on the SailPoint tool
• Support business and technology strategy and planning by leveraging knowledge in both technical and business areas
• Work with clients to support user acceptance testing, debugging and migration to production environment activities
• Deliver SailPoint IIQ technical training designed to enable/educate client IT resources

Required -- Minimum education and work experience required for this position include:
• Minimum of 7-10 years of full IAM product suite implementation experience.
• Installation/Configuration/Development experience with SailPoint IdentityIQ (version 7 or above) including Life Cycle Management (LCM) and Compliance Manager (CM) in multiple environments (development, test, and production)
• Good knowledge/experience with LDAP, Active Directory.
• 5+ years of experience with SailPoint IIQ modules (Compliance Manager and Life Cycle Manager).
• Knowledge of all the flavors of SailPoint installation and deployment.
• Build, Configure and Deploy SailPoint IIQ Connectors for various target systems.
• Knowledge of software development lifecycle concepts (source code, management, code review, testing, etc.).
• Experience with development collaboration systems, such as JIRA.
• Hands-on with aggregation, workflows, tasks, rules and roles.
• Strong understanding of internal technical architecture of SailPoint IIQ
• Practical knowledge and experience with Identity Management technologies.
• Understanding of Role Based Access Control, Governance and Access Certification in SailPoint.
• Understanding of Fileshares and access remediation.
• Programming/scripting experience with SQL, Perl, JSP / Servlets, PowerShell
• Strong background in Java/Javascript/Beanshell skills required.
• Experience with SQL, Oracle, Sybase Databases
• Java/J2EE, xml, xhtml, JSF development skills.
• General understand of ITIL processes.
• Excellent analytical and problem solving skills required.
• Excellent verbal and written communication skills.
• BS or BA degree, preferably in technology/business or equivalent.
• Relevant certifications such as CISSP, CISM, ITIL or PMP are a plus.

Key Competencies
• Ability to operate within a high performing, motivated team, and adapt direction to accommodate changes in priorities.
• Candidate must be an independent self-starter able to perform all deployment activities with oversight and as a member of a project team.
• Knowledge of and experience with current and emerging access management technologies including IAM tools (SailPoint) and File Share Access Auditing (Varonis).
• Strong knowledge of Access Management business processes/workflows, and associated tools (ServiceNow).
• General knowledge of best practice standards that govern Information Security such as ISO, NIST and SANS.
• Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
• Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model.

Preferred NA

Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.