LOCATION(S):

• MIS Support Center, 4th floor, East Tower, Eurocenter Business Center, in front of Cenada, Heredia, 40104, CR
  Line Of Business: CYBERSECURITY(CSG)

JOB CATEGORY:

• Engineering & Technology
  Experience Level: Experienced Hire
  At Moody’s, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways.
  If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity.

SKILLS AND COMPETENCIES

• Minimum 2 years of program/process design and process improvement experience
• Demonstrated expertise with security, 3rd party oversight,
• 3+ years of work experience in Finance Sector within IT, Finance, HR or Operations
• Excellent communication skills with respect to both technical and non-technical audiences at various levels of the organization
• Experience with data, reporting, analytics and automation practices & solutions
• Passion for end to end solutions and delighting the end user through effective listening and expectation management

EDUCATION

• Bachelor’s Degree in Finance, Computer Science, MIS or Business preferred

The ideal candidate will demonstrate extensive knowledge and a proven record of success in:

• Working with process-based, technology-enabled solutions that ensure vendors/affiliates meet required information security standards
• Demonstrating strong communications and influencing skills, interacting with different teams across the organisation and establishing relationships with affiliates and vendor contacts
• Experience with Vendor Risk Management toolsets (OneTrust experience preferred), including assessment using standardized collection templates (e.g. CAIQ/SIG questionnaires/SOC2 reports, etc.), configuration of risk assessment formulas, understanding of vendor risk reporting
• Proven organizational skills, the ability to work to strict deadlines when necessary and manage and prioritize deliverables from multiple sources
• Demonstrating high performance as a team player, working on a common vision, leveraging diverse views and encouraging improvement and innovatio

In the management of Moody’s vendors, the Analyst will drive the due diligence, risk assessment, onboarding and continuous monitoring of Moody’s vendors to ensure these entities are in compliance with MCO vendor security control guidelines. If the vendors are not properly aligned, the Analyst will drive initiatives to close gaps. The analyst will also help manage the software review process, to assess the risks associated with onboarding new products.
The Analyst will also be empowered to identify opportunities to streamline process and leverage technology to ensure vendors do not present unwarranted risk to the company. The Analyst will work closely with other information security teams including access management, architecture, incident management and business liaisons to ensure recommended initiatives are properly coordinated across the security landscape.

The ideal candidate will demonstrate extensive knowledge and a proven record of success in:

• Working with process-based, technology-enabled solutions that ensure vendors/affiliates meet required information security standards
• Demonstrating strong communications and influencing skills, interacting with different teams across the organisation and establishing relationships with affiliates and vendor contacts
• Experience with Vendor Risk Management toolsets (OneTrust experience preferred), including assessment using standardized collection templates (e.g. CAIQ/SIG questionnaires/SOC2 reports, etc.), configuration of risk assessment formulas, understanding of vendor risk reporting
• Proven organizational skills, the ability to work to strict deadlines when necessary and manage and prioritize deliverables from multiple sources
• Demonstrating high performance as a team player, working on a common vision, leveraging diverse views and encouraging improvement and innovation