- New York, NY, USA
- Permanent, Full time
VP-Security Risk Assessment & Architecture
Location: New York, NY, USARole/Responsibilities:
Moody's Information Risk and Security is looking for a Vice President, Security Risk Assessment & Architecture, to join its growing organization. This is a challenging position requiring a strong background in Information Security practice, solid communication and organization skills, and a deep knowledge of Information Security and how it can be applied to infrastructure and cloud components. The candidate is very motivated and willing to take on challenges, able to multi-task to succeed, and has the ability to work independently with minimal oversight. This is a decision making role and will require the candidate to make material decisions on the posture of Moody's Information Security Controls.
The Moody's Information Risk and Security team are responsible for helping the organization balance risk by aligning policies and procedures with Moody's business and regulatory requirements. The team's mission is to identify risks to Moody's data and systems and implement strategies to aid in defending against and mitigating those risks. They are responsible for key programs including Security Architecture, Cyber Security, Identity Management and Vendor Security Management. The Information Risk and Security team sets the strategic direction for IT risk and security globally and aligns with stakeholders throughout the organization.
Required Functional Responsibilities
- Provide security architecture designs and security consulting services for enterprise IT projects that cross multiple platforms and ensure alignment with Moody's security architecture.
- Independently lead the delivery of large, global security projects focused on core services such as key management, cloud compliance, monitoring and security control automation.
- Review and approve architectural security patterns for Moody's Lines of Business.
- Lead the creation of and adherence to Cyber-Security and Information Security Reference Architectures by working with the CyberSecurity Engineering team and developing reusable patterns for security.
- Be able to review application and infrastructure Risk Assessments, provide feedback and course correct junior staff members.
- Development and execution of training programs for security champions within the various business units to ensure alignment with security
- Research and evaluate security concerns with new and emerging technologies with particular focus on SaaS, PaaS and IaaS specifically MS Azure / AWS.
- Lead successful delivery of Information Security projects and services for our customers by working directly with key business stakeholders and technology SMEs.
Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody's also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email firstname.lastname@example.org.. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.
For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.