Cybersecurity Engineer - Splunk - Gurgaon, IN - Moody's Corp

Cybersecurity Engineer - Splunk - Gurgaon, IN - Moody's Corp

Job description

Role/Responsibilities

Moody’s Information Risk team is looking for a Cybersecurity Engineer to join its growing organization.
The Cybersecurity Engineer will join a Splunk engineering team responsible for working with Moody’s Cybersecurity’s SIEM platform based on Splunk and owning the health, accuracy and maintenance of the application on a go forward basis. This individual will work at the direction of senior team leads to perform application upgrades, configure Splunk, onboard data to Splunk and perform a variety of health checks to ensure the availability of the Splunk platform.

This role will also involve designing Splunk queries that assist the cybersecurity department in identifying potentially malicious activity and assisting other teams at Moody’s to make better data driven decisions using Splunk. This involves the development of dashboards and reports in Splunk.
This position requires a technical background in Splunk administration, architecture and Splunk search and app development. The individual must have an understanding of Information Security practice, and solid communication and organization skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work independently and with minimal oversight.

The Moody’s Information Security team is responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, and for the delivery of security services. The Information Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company.

Functional Responsibilities
  • Join a Splunk engineering team responsible for the health and accuracy of Splunk system, identifying configuration errors and undertaking remediation activities.
  • Perform health check activities to ensure the availability of the Splunk environment.
  • Follow a comprehensive set of SOPs related to Splunk application administration.
  • Identify enhancements and architect upgrades to the Splunk application.
  • Manage the Moody’s Splunk universal forwarder configurations, deploying updates and changes as required.
  • Provide data onboarding and data cleaning services in Splunk for the Moody’s organization.
  • Work with other Cybersecurity teams such as Incident Response.
  • Construct advanced reports, dashboards and alerts using Splunk and operationalize these capabilities with documentation.
  • Correlate disparate data sets together in Splunk for the purpose of the Cybersecurity team.
  • Ability to exercise sound technical, interpersonal and organizational judgment while evaluating and solving complex problems.
  • Partner with system owners to identify upcoming end of life components, and plan track their decommissioning.
Required Qualifications
  • Minimum education and work experience required for this position include:
  • At least 3 years of experience in IT industry, preferably in a financial services organization.
  • Minimum of 2 recent years direct Splunk architect and administration experience.
  • Advanced knowledge of Splunk administration, search language (SPL), search techniques, alerts, dashboards and report building.
  • Expert knowledge of regular expressions and at least one common scripting language (PERL, Python, VB Script).
  • BS or BA degree, preferably in Computer Science, other sciences.
  • Relevant certifications such as CISSP are a plus.
  • Proficiency in a second language is a plus, especially Mandarin, Korean, Japanese or Russian.
Key Competencies
  • Hands-on experience using Splunk platform. Advanced level of familiarity with Splunk search languages, including mathematical and statistical functions.
  • Hands-on experience managing Splunk platform. Familiarity with Splunk architecture, implementation, management and maintenance.
  • Hands on experience working as part of a SEIM engineering team (ideally Splunk).
  • Reasonable understanding of Indicators of Compromise and other methodologies to detect incident-related anomalies.
  • Must understand and be familiar with modeling security related data concepts, such as net flow, Web browsing, authentication, email flow, etc.
  • Good written and oral communication skills including the ability to interact directly with customers that do not have an IT background.
  • Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model.
  • Reporting and dashboards – must be able to create reports and dashboards that represent significant data findings to both technical and non-technical audiences.
  • Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.
Preferred Qualifications
  • BS or BA degree, preferably in Computer Science, other sciences.
  • Relevant certifications such as CISSP are a plus.
  • Proficiency in a second language is a plus, especially Mandarin, Korean, Japanese or Russian.
LOB/Department
Cyber Security Services
Job Req ID
14542BR
Entity
Moody's Shared Services (MSS)
Line of Business
Information Risk and Security (INFORISK)
Regular/Temporary
Regular
City (Select ONLY the primary location)
Gurgaon
Job Category
Corporate Services
Job Sub Category
Corporate Services

Experience Level

Experienced Hire
Working at Moody's
Moody's is an essential component of the global capital markets, providing credit ratings, research, tools and analysis that contribute to transparent and integrated financial markets. Moody's Corporation (NYSE: MCO) is the parent company of Moody's Investors Service, which provides credit ratings and research covering debt instruments and securities, and Moody's Analytics, which offers leading-edge software, advisory services and research for credit and economic analysis and financial risk management. The Corporation, which reported revenue of $4.2 billion in 2017, employs approximately 11,900 people worldwide and maintains a presence in 41 countries. Further information is available at www.moodys.com.
Entity
Moody’s Shared Services are the front line professionals including Finance, Technology, Legal, Compliance and Human Resources, that operationally support our business units. Exceptional Shared Services teams are vital to the international success of our business.
EEO Policy
Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.
Securities Trading Policy (STP)
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.