Systems Engineer (Risk & Vulnerability Management)

Moody's

3.9

(9)

Heredia, Costa Rica

Why you should apply for a job to Moody's:

  • 78% say women are treated fairly and equally to men
  • 89% would recommend this company to other women
  • 100% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.
  • Moody’s Women’s ERG seeks to enhance the recruitment, retention, promotion and professional development of female professionals.
  • RE-IGNITE is a paid 16-week return to work program designed for individuals wishing to restart their careers after a career break.
  • Commitment of $1 million over the next five years to promote equal justice and advancement of the Black community.
  • #950

    Position summary

    thrive on every level. Learn more about our DE&I initiatives, employee development programs and view our annual DE&I Report at moodys.com/diversity

    Join the Workplace Services Desktop Engineering Team and you'll provide expert advice and counsel to users, management, and IT project teams for the most complex systems, spanning multiple functions and locations.

    We seek a seasoned Systems engineer to serve as our technical expert with a primary focus on the desktop engineering space, responsible for governing the deployment, operation, support, and vulnerability management of these platforms in partnership with our broader desktop engineering, IT operations, risk management, and security teams to name a few. The candidate will join a dynamic, global, and multi-cultural environment where he / she is expected to comfortably manage, maintain, secure, and provide the best-in-class end-user experience while protecting workstation endpoints. Candidates may be expected to attend meetings in different time zones and with offshore partner resources.

    • Stay abreast of new technical developments impacting the noted platforms as well as related vulnerability and risk management trends.
    • Create and maintain design documentation, procedures, and standards.
    • Analyze, optimize and / or automate end-user related IT processes.
    • Work closely with L3 and L2 support to develop, plan, and oversee implementation of system enhancements and upgrades in alignment with standards; be available for L3 escalation requests.
    • Support new and existing deployments through analysis of metrics, logs, system alarms, etc., to troubleshoot problems and enable preventative maintenance on the noted platforms.
    • Develop complex systems automation/scripting and related systems support activities, including system integration and monitoring.
    • Follow standard ITIL processes and procedures to lead troubleshooting and documentation related to incident, change, and problem management upon incident identification.
    • Facilitate outage restoration calls to assess application impact, notify the business, and restore operations.
    • Lead vulnerability management by identifying, prioritizing, assessing and remediating vulnerabilities for the noted platforms.
    • Collaborate with security to ensure system configuration, operating systems and Office 365 hardening are compliant with security standards.
    • Design, build, and maintain vulnerability Power BI reports and dashboards through API connection with Qualys VDMR and Patch Management solution.
    • Establish metrics and use them to produce analytical reporting and a roadmap for continuous improvement.
    • Drive clarity and action despite ambiguity.
    • Summarize and communicate complex technical and business issues for the audience both written and verbally using both technical and non-technical terms.
    • Work cross-functionally to solve both business and technical issues.

    Qualifications :

    • Mid to senior-level expertise (3 - 5 years of experience) on Windows, macOS, Microsoft Office application configurations, browser configuration and hardening, and numerous core Microsoft and enterprise infrastructure technologies.

    • Mid to senior-level expertise (3 - 5 years of experience) in vulnerability management or a related field with proven experience in strategies, prioritization, standards, risk assessment, remediation, and scanning technologies for infrastructure- and application-level vulnerabilities.

    • Working knowledge and hands-on experience in five (5) or more of the following technology areas: Microsoft Intune, patch management / vulnerability remediation, application packaging, Amazon AWS, Azure Virtual Desktop, Power BI, and macOS / JAMF Cloud.

    • Thorough understanding of Active Directory, Automated Application Development including replication, Group Policy Object and Domain Name System.

    • Automation skills; PowerShell, Python, and Bash are preferred.

    • Strong understanding of security concepts (SSL, PKI, IPsec, VPNs, Firewalls, DMZ, Proxy, and cyber-attacks).

    • Required basic understanding of network concepts (VLANs, routing, TCP/IP, load balancing, traffic analysis, etc.)

    • Required business fluency in English.

    • Knowledge of application development, network engineering, operating systems, and cloud environments.

    • Experience developing metrics, and reporting for continual program improvement.

    • Experience working with automated and open-source vulnerability scanners such as Qualys, Nessus, WebInspect, or Nexpose.

    • Ability to document, diagram, and flowchart complex design is a plus.

    Education Qualification and Certification Requirements:

    • Bachelor's Degree in computer science or equivalent area of study.

    • Industry certifications in relevant areas is a plus.

    • Minimum 5 years' experience in IT industry in relevant area.

    Actual salaries will vary and will be based on various factors, such as candidate's qualifications, skills, and competencies. The salary is one component of Moody's total compensation package for employees. Other rewards and benefits include the following: Medical, Personal Accident, Life Insurance and Time Off.

    Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

    Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

    For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet

    Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee's tenure with Moody's.

    Why you should apply for a job to Moody's:

  • 78% say women are treated fairly and equally to men
  • 89% would recommend this company to other women
  • 100% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.
  • Moody’s Women’s ERG seeks to enhance the recruitment, retention, promotion and professional development of female professionals.
  • RE-IGNITE is a paid 16-week return to work program designed for individuals wishing to restart their careers after a career break.
  • Commitment of $1 million over the next five years to promote equal justice and advancement of the Black community.