• Competitive
  • Edinburgh, Scotland, United Kingdom
  • Permanent, Full time
  • Moody's
  • 2018-10-23

Cybersecurity Data Engineer

Location: Edinburgh, Scotland, United Kingdom


Role & Responsibilities:

Moody's Information Risk team is looking for a Cybersecurity Data Engineer to join its growing organization.

The Cybersecurity Data Engineer will be part of the Cybersecurity Analytics team and will be responsible for working with Moody's SIEM platform based on Splunk and engineering and implementing data collection, storage and analysis solutions in the cloud.

This position will be responsible for engineering and developing a large scale data store in the cloud using cloud native services such as AWS RDS, Hadoop, AWS Kinesis, AWS Athena, AWS Lambda, Apache Kafka, Apache Spark, AWS S3. This role will require an understanding of streaming data and the associated methods of storing and analyzing streaming data.

Additionally, the position will be integral in working with Moody's SIEM platform (Splunk). The role will involve designing Splunk queries that assist the cybersecurity department in identifying potentially malicious activity and assisting other teams at Moody's to make better data-driven decisions using Splunk.

This position requires technical background in Information Security practice, and solid communication and organization skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability to work independently and with minimal oversight.

The Moody's Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody's business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.

Functional Responsibilities

  • Engineer and build data collection, storage and analytical solutions in the cloud using cloud native and open source technologies.
  • Engineer and build pub/sub environments in the cloud to make data more readily available across the organization.
  • Engineer ETL applications to clean data before being entered into Moody's centralized data repository.
  • Work as part of the Cybersecurity Analytics program, assisting various departments and individuals at Moody's to onboard new data sources into the SIEM.
  • Construct advanced reports, dashboards and alerts using Splunk and other cloud native analysis tools. Operationalize these capabilities with documentation in the form of standard operating procedures.
  • Work with other Cybersecurity teams such as Incident Response.
  • Ability to exercise sound technical, interpersonal and organizational judgment while evaluating and solving complex problems.
  • Partner with system owners to identify upcoming end-of-life components, and plan and track their decommissioning.


Department/Team

With 400 employees and 800 contractors worldwide, Moody's Shared Services provides technology solutions for Moody's Investors Service, Moody's Shared Services and Moody's Analytics. The organization is going through an exciting period of growth and opportunity as we embark on a corporate-wide Transformation program and partner with the business to drive revenue growth, efficiency, risk management, and expansion of our client base via new solutions and application modernization. The development and ongoing support of key ratings and enterprise systems ensure the company's premier standing among credit rating agencies and enable its evolution alongside regulatory and business demands.

Moody's continuously seeks talented individuals to drive the execution of its enterprise technology roadmap, which offers exciting career opportunities across the application delivery lifecycle, architecture, software and platform engineering, IT security and risk management, infrastructure and technology operations, vendor management, and service management.

Qualifications:

Minimum education and work experience required for this position include:

  • Accomplished experience in the IT industry, preferably in a financial services organization.
  • Experience of direct security analytics or big data analysis.
  • Advanced knowledge of regular expressions and at least one common scripting language (Perl, Python, VBScript).
  • Demonstrate some level of knowledge of the Splunk application and its associated search language.
  • Demonstrate advanced level knowledge of all or some of the following: Hadoop, AWS RDS, AWS Kinesis, Apache Spark, AWS Glue, AWS Lambda, Apache Kafka, AWS S3.
  • BS or BA degree, preferably in Computer Science, other sciences.
  • Relevant certifications such as CISSP are a plus.
  • Proficiency in a second language is a plus, especially Mandarin, Korean, Japanese or Russian.


Key Competencies
  • Hands-on experience managing SIEM platforms including Splunk. Reasonable familiarity with Splunk architecture and search language.
  • Hands-on experience engineering and building data solutions using services such as Hadoop, AWS RDS, AWS Kinesis, Apache Spark, AWS Glue, AWS Lambda, Apache Kafka, AWS S3.
  • Reasonable understanding of Indicators of Compromise and other methodologies to detect incident-related anomalies.
  • Must understand and be familiar with data modeling concepts.
  • Good written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
  • Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model.
  • Reporting and dashboards - must be able to create reports and dashboards that represent significant data findings to both technical and executive audiences.
  • Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.


Moody's is an essential component of the global capital markets, providing credit ratings, research, tools and analysis that contribute to transparent and integrated financial markets. Moody's Corporation (NYSE: MCO) is the parent company of Moody's Investors Service, which provides credit ratings and research covering debt instruments and securities, and Moody's Analytics, which offers leading-edge software, advisory services and research for credit and economic analysis and financial risk management. The Corporation, which reported revenue of $4.2 billion in 2017, employs approximately 11,900 people worldwide and maintains a presence in 41 countries. Further information is available at www.moodys.com.

Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.