Cybersecurity Analyst

Dubai, United Arab Emirates
ZM Financial Systems
10 Current Jobs Openings
Apply Now

Job Description

Imagine what we can DEVELOP with you True leaders are always learning. Moody’s is home to information architects, thinkers, builders, and passionate problem solvers, a collection of diverse viewpoints working together to bring out our best. Join us. Forward Together.
Moody’s (NYSE: MCO) is a global integrated risk assessment firm that empowers organizations to make better decisions. Our data, analytical solutions and insights help decision-makers identify opportunities and manage the risks of doing business with others. We believe that greater transparency, more informed decisions, and fair access to information open the door to shared progress. Moody’s combines international presence with local expertise and over a century of experience in financial markets. Learn more at moodys.com. At Moody’s, we’re taking action. We’re hiring diverse talent and providing underrepresented groups with equitable opportunities in their careers. We’re educating, empowering and elevating our people, and creating a workplace where each person can be their true selves, reach their full potential and thrive on every level. Learn more about our DE&I initiatives, employee development programs and view our annual DE&I Report at moodys.com/diversity
Moody’s Analytics provides financial intelligence and analytical tools supporting our clients’ growth, efficiency and risk management objectives. The combination of our unparalleled expertise in risk, expansive information resources, and innovative application of technology, helps today’s business leaders confidently navigate an evolving marketplace. Department
In the Banking group, we help lending institutions make important decisions about their business, particularly when they are providing loans, managing risk, or conducting financial planning for the future of their institution. We do this with our innovative software and reliable analytics, helping them understand how to do their job better through training, learning solutions and advisory services. We are a dedicated team of experts in technology and financial analytics who understand what our clients need. Role/Responsibilities
As a Cybersecurity Analyst – Application Security professional, you wear different hats at different times depending on the needs of the RISK team and assistance requested from other teams as required. You are a team player and work towards a common department goal and the company’s vision. Responsibilities but not limited to:
  • Collaborating with system owners and lead developers to implement security best practices, address risks and provide mitigation recommendations.
  • Defining and documenting how implementing a new system or interface impacts the security posture of the current environment.
  • Performing security reviews, identifying gaps in security architecture and design.
  • Identify, communicate, and drive the resolution of vulnerabilities.
  • Provide or coordinate the information technology response to internal and external security assessments/pentest/bug bounty programs.
  • Work with CI/CD tools such as Jenkins to evaluate the security of the CI/CD process.
Dynamic Scanning
    • Evaluating external Pen Testing results – ensure results are mitigated within expected turnaround time based on the risk level of items.
    • Using tools like BurpSuite, OWASP ZAP, and Fiddler etc., to perform internal Pen Testing, verify the resolution of previously reported items, and pro-actively identify issues earlier in the SDLC process.
    • Using tools like Netsparker for dynamic scanning and working with the team to educate them on best practices to resolve reported findings.
Static Scanning
  • Using tools like Veracode and Snyk at the point of software builds.
  • Using tools like Dependency Checker to identify all dependencies and any CWEs (Common Weakness Enumeration).
  • Ensure secure coding standards are in place – educate team on standards and best practices – continue to grow standards over time.
  • Ensure code reviews are in place and happening at the level we expect.
  • Related Technologies:
Net (ASP.Net / C#)
JavaScript
AngularJS
SQL Server / PostgreSQL
Python
Java
  • System security vulnerabilities and remediation techniques.
  • Facilitating training and knowledge sharing with engineering team members.
  • Network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
  • Security across multiple disciplines (data, database, operating system).
  • Other duties as assigned.
Qualifications
  • Minimum Bachelor’s degree in Computer Science.
  • Experience working with DEV and QA teams to ensure application security principles are enforced in various stages of the SDLC process.
  • Experience working in a security capacity with the development team(s) that deliver a software-based service.
  • Demonstrated experience testing security solutions and applications.
  • Deep knowledge of common web application vulnerabilities identified under OWASP Top 10 (e.g., XSS, CSRF, click jacking) and their mitigation strategies.
  • Must have experience with Net (ASP.Net / C#) experience
  • Experience with tools like BurpSuite, OWASP ZAP, and Fiddler
  • Experience using tools like Veracode and Snyk at the point of software builds
  • In-depth understanding of computing security fundamentals.
  • Comfortable working in a Secure SDLC environment and familiar with CICD pipelines.
  • Experience in application security tools like BurpSuite and ZAP and the CICD security plugins.
  • Strong understanding of threat modeling and security methodologies.
  • Familiar with protocol analysis and cryptography.
  • Current security certifications like GCIH GWEB, CEH, OSCP, CISSP, and others are nice to have but not required.
Must be fully vaccinated for COVID-19 (i.e., at least 2 weeks after last dose) and, if hired, present proof of vaccination on start date, as determined by Moody’s. Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody’s also provides reasonable accommodation to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email accommodations@moodys.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications. For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. This position may be considered a promotional opportunity, pursuant to the Colorado Equal Pay for Equal Work Act. Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination statement.
For Colorado-based roles only: the anticipated base salary range for this position is $86,500 to $125,500, depending on factors such as experience, education, level, skills, and location. This range is based on a full-time position. In addition to base salary, this role is eligible for annual performance incentive compensation. Moody’s also offers a competitive benefits package, including not but limited to medical, dental, vision, parental leave, paid time off, a 401(k) plan with employee and company contribution opportunities, life, disability, and accident insurance, a discounted employee stock purchase plan, and tuition reimbursement.
Candidates for Moody’s Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

Beware of fraud agents! do not pay money to get a job

MNCJobsGulf.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Related Jobs

Job Detail

  • Job Id
    JD1410640
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Dubai, United Arab Emirates
  • Education
    Not mentioned
 
 
Jobs by Function
Popular Job Skills
Popular Industries
Popular Cities
Jobseekers
Employers
Home | About Us | Terms & Conditions | Privacy Policy | Help and FAQ | Contact Us
All rights reserved © 2024.