- New York, NY, USA
- Permanent, Full time
SVP-Cybersecurity: Cloud and Platform Security
Location: New York, NY, USAMoody's Information Security is looking for a Senior Vice President of Cybersecurity: Cloud and Platform Security to join its growing organization. This is a challenging position requiring a strong background in Information Security practice, deep knowledge of Information Security standards, best practices, technologies and processes, as well as solid communication and organization skills. The candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work independently and with minimal oversight. This is a decision making role and will require the candidate to make material decisions on the posture of Moody's Information Security Controls.
The Moody's Information Risk and Security team are responsible for helping the organization balance risk by aligning policies and procedures with Moody's business requirements. The team has global responsibility for the development, enforcement, and monitoring of security controls, policies, and procedures, and for the delivery of security services. The Cybersecurity team sets the strategic direction for security within the organization and aligns with stakeholders throughout the company. The team is responsible for key programs including Cloud Security, Security Automation and Orchestration, Data Loss Prevention, Threat Assessment, Security Monitoring and Incident Response.
The SVP - Cybersecurity: Cloud and Platform Security assume leadership of the teams responsible for global security design, security automation and cloud compliance, security infrastructure operations, and cloud and disruptive technology operations. Experience with cloud providers (AWS, Azure) and cloud security architecture, governance and security add-ons (e.g. CASB, logging services, network tap, cloud identity management tools) is a must. The successful candidate will also have a strong background in multiple security disciplines and technologies, including network and endpoint security, identity and access management, end-user security services (e.g. web content filtering), SIEM, and security automation/orchestration. Strong communication, including presentation and documentation skills, are also crucial to being successful in this role.
- Lead the Security Engineering, Security Operations, and Cloud Security teams, driving productivity, performance, adherence to process, and alignment with department and company goals.
- Establish as a thought leader within the organization, working with development and project teams and their senior leadership, evangelizing our security principles and standards.
- Act as the lead sponsor for Information Security and Risk projects, working with project teams comprised of Subject Matter Experts and Project Managers, and providing the direction, guidance, planning, expertise, communication and escalation necessary to guarantee the project's timely and satisfactory completion.
- Research and evaluate security concerns with new and emerging technologies with particular focus on SaaS, PaaS, and IaaS specifically MS Azure / AWS. Provide input and guidance to teams looking to leverage these technologies.
- Create and deliver meaningful presentations and reports on program goals and status, tailored to multiple audience types.
- Drive implementation of new security technology platforms by providing thought leadership on design, vendor selection, and deployment.
- Manage project and operational budgets; providing clear estimates and accurate forecasts.
- Partner with other leaders and business project sponsors to build consensus on project requirements and expected timelines, as well as report on the status and key project risks.
- Act as a backup to other senior department leaders as needed.
- Create, maintain and align Moody's Information Security policies and standards with industry best practices and business needs.
Minimum education and work experience required for this position include:
- Minimum 12 years of experience in progressively more senior Information Security roles.
- BS or BA degree, preferably in technology/business or equivalent.
- Relevant certifications such as CISSP, AWS or other cloud security certs, are a plus.
- Extensive and demonstrable experience with cloud providers (AWS, Azure) and cloud security architecture, governance and security add-ons (e.g. CASB, logging services, network tap, cloud identity management tools) is a must.
- Strong background in multiple security disciplines and technologies, including network and endpoint security, identity and access management, end-user security services (e.g. web content filtering), SIEM, and security automation/orchestration, including deployment in public cloud (AWS, Azure) environments.
- Adaptability and flexibility; ability to set team priorities on a continual basis, depending on emerging technologies, business demand, and risk profile.
- Current knowledge of security technologies and trends, understanding how trends in the technology and threat landscapes drive roadmap and architecture decisions.
- Strong knowledge of best practice standards that govern Information Security such as ISO, NIST, and SANS.
- Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
- Strong presentation skills, able to create and present meaningful material which is tailored to various audiences from technical to executive management.
- Proven ability to lead projects and initiatives within schedule and budget.
- Ability to influence stakeholders to adopt Moody's Information Security practices.
- Ability to delegate work effectively and escalate issues in a time critical manner.
Moody's is an essential component of the global capital markets, providing credit ratings, research, tools and analysis that contribute to transparent and integrated financial markets. Moody's Corporation (NYSE: MCO) is the parent company of Moody's Investors Service, which provides credit ratings and research covering debt instruments and securities, and Moody's Analytics, which offers leading-edge software, advisory services and research for credit and economic analysis and financial risk management. The Corporation, which reported revenue of $4.2 billion in 2017, employs approximately 11,900 people worldwide and maintains a presence in 41 countries. Further information is available at www.moodys.com.
Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody's also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email firstname.lastname@example.org.. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.
For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law.
MIS and MSS Candidates are asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.