Job Description

Moody\xe2\x80\x99s Central IT Risk is looking for a cybersecurity analyst of Information Risk and Security Access Management to join its growing organization. This is a challenging position ideally suited to an experienced graduate looking for the change or move. The position will require a demonstrable knowledge of Information Security practice in relation to Access Management, knowledge of Information Security standards, technologies and processes, as well as good communication and organization skills. The candidate is highly motivated with an eagerness to learn and willing to take on challenges, able to multi-task to succeed and has the ability to work with minimal oversight. The candidate should have a mindset to work on automation of manual work via scripting tools. The Moody\xe2\x80\x99s Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody\xe2\x80\x99s business requirements. The Access Management team has global responsibility for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of Access Management security services. The Information Risk and Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company. The team is responsible for key programs including Information Risk and Security Operations, Engineering, Patch and Vulnerability Management, Data Loss Prevention, Access Control, Threat Management, Security Monitoring and Incident Response.

The Information Risk and Security business analyst will strive to become a functional subject matter expert and customer liaison for the Identity and Access Management (IAM) platform solutions. The candidate is responsible for providing overall customer guidance in functional capabilities and best practices usage of the IAM environment. The Candidate will also show the desire to drive the change toward automation technologies and/or practices and to move away from current manual activities. The successful candidate will have an understanding in the areas of Identity and Access Management, security access automation technologies, business process and service desk ticketing systems, awareness of security best practices standards (ISO, NIST, COBIT), audit and regulatory frameworks such as SOX as well as ITIL processes. Good documentation and scripting skills are also crucial to successful process and project delivery.



Functional Responsibilities:

• Should have good understanding of access management tools like Active Directory, Microsoft Azure, SailPoint, Office 365, Okta, Varonis, PAM tools etc.
• Ability to understand and document business requirements and define specifications.
• Demonstrable understanding of requirements fit/gap analysis.
• Ability to script solutions in appropriate tool for automation purposes.
• Knowledge of business process optimization.
• Demonstrable knowledge and understanding of User provisioning for different accounts.
• Demonstrable knowledge of incident and request management especially in relation to applications and security environments.
• Should be able to provide On-call support for the emergency and high severity issues.
• Demonstrate a desire to develop and improve Standard Operating Procedures according to requirements with a move to automation.
• Person should be able to manage multiple work queues efficiently.