Senior Controls Analyst Jobs in Moody's Corporation - Gurgaon

Job Description

Responsibilities:

• Maintains an understanding of the technological processes, risks and controls related to Moody’s business, specifically for the area under review.
• Understands team objectives and cooperates and collaborates with others to achieve them.
• Manages cybersecurity defence lifecycle, including scoping, documentation, tests of design and effectiveness, reporting
• Validate design and operating effectiveness of Cyber controls and delivering a quality work product, free of errors and on time.
• Develop test steps for the area under review commensurate with the nature of risk and risk levels.
• Performs testing of various Reports, Interfaces, Applications, and ITGCs
• Performs detailed reviews of the tests/audits conducted by the team
• Proactively identify and monitor process and system changes, and other areas of change that have a direct impact on the company’s cybersecurity posture.
• Assists in developing or supporting other deliverables i.e. local/regional regulators requests, board materials
• Maintain repository of documentation, testing evidence, and internal policies, and provide summary status reporting and presentation to business units and management
• Performs a root cause analysis and impact assessment on the issues identified during course of testing/audit in accordance with a framework designed
• Understands the processes/controls under review and uses critical thinking to ensure that identified risks are appropriately mitigated by management procedures
• Demonstrates ability to outline facts around potential issues and discuss internally and with stakeholders.
• Proactively develops appropriate initial resolutions to obstacles to be discussed with project sponsor
• Develops and maintain good working relations with stakeholders.
• Interact with management at various levels regarding cyber controls, issues and the project
• Demonstrates ability to delegate work effectively and take ownership/ accountability
• Manages multiple and often conflicting priorities tasks in a Global Environment
• Drive improvements & Identifies for enhancing delivery by applying analysis, business intelligence, and problem-solving techniques
• Continuously expands knowledge of data analytics and use of technology to enhance audit testing, identify opportunities for continuous monitoring and repeatable test plans.
• Capable of performing intermediate level data analytics functions within Excel or equivalent applications (e.g. Access, Tableau, ACL), and leverages, contributes, and improves the data analytics library.
• Maintains curiosity and exercises professional scepticism
• Coach team members to enhance their competence and professional development.
• The Senior Controls Analyst is an experienced professional capable of assisting with the development, execution and continuous improvement of Cyber Controls programming encompassing in accordance with Moody’s and departmental standards
• Maintains an understanding of the technological processes, risks and controls related to Moody’s business, specifically for the area under review.
• Understands team objectives and cooperates and collaborates with others to achieve them.
• Manages cybersecurity defence lifecycle, including scoping, documentation, tests of design and effectiveness, reporting
• Validate design and operating effectiveness of Cyber controls and delivering a quality work product, free of errors and on time.
• Develop test steps for the area under review commensurate with the nature of risk and risk levels.
• Performs testing of various Reports, Interfaces, Applications, and ITGCs
• Performs detailed reviews of the tests/audits conducted by the team
• Proactively identify and monitor process and system changes, and other areas of change that have a direct impact on the company’s cybersecurity posture.
• Assists in developing or supporting other deliverables i.e. local/regional regulators requests, board materials
• Maintain repository of documentation, testing evidence, and internal policies, and provide summary status reporting and presentation to business units and management
• Performs a root cause analysis and impact assessment on the issues identified during course of testing/audit in accordance with a framework designed
• Understands the processes/controls under review and uses critical thinking to ensure that identified risks are appropriately mitigated by management procedures
• Demonstrates ability to outline facts around potential issues and discuss internally and with stakeholders.
• Proactively develops appropriate initial resolutions to obstacles to be discussed with project sponsor
• Develops and maintain good working relations with stakeholders.
• Interact with management at various levels regarding cyber controls, issues and the project
• Demonstrates ability to delegate work effectively and take ownership/ accountability
• Manages multiple and often conflicting priorities tasks in a Global Environment
• Drive improvements & Identifies for enhancing delivery by applying analysis, business intelligence, and problem-solving techniques
• Continuously expands knowledge of data analytics and use of technology to enhance audit testing, identify opportunities for continuous monitoring and repeatable test plans.
• Capable of performing intermediate level data analytics functions within Excel or equivalent applications (e.g. Access, Tableau, ACL), and leverages, contributes, and improves the data analytics library.
• Maintains curiosity and exercises professional scepticism
• Coach team members to enhance their competence and professional development.

Qualifications/ Skills:

• Bachelor’s Degree and CISA, CISSP,OSCP as additional qualification will be preferred
• 4-6 years of experience in a Big 4 Consulting firm or a Global organization
• Knowledge of standards and control frameworks such as NIST CSF, ISO 27001, CIS.
• Cybersecurity Assessment, security reviews of network and system architecture design
• Experience with Incident Response, associated tools and technologies.
• Understanding of firewall Management, Network Adress Translation , VPN, segmentation of networks, Network Access Control Systems
• Privilege Access Management Systems(Cyber Arc, Beyond Trust)
• Strong knowledge of Windows, networking, cloud solutions, security technologies.
• Secure Configuration Reviews, Review of Hardening Parameters vis-à-vis CIS benchmarks
• In-depth understanding of on-prem and cloud infrastructure.
• Knowledge of Vulnerability Detection tools such as qualys / tenable
• Experience in operational cyber security management ( SOC, SIEM, Vulnerability Management, WAF,DLP).
• Awareness of regulations pertaining to financial services industry.
• Proficiency in Microsoft Office suite and other Automation tools.
• Ability to work both independently and as a member of a team in a fast-paced environment and handle multiple tasks simultaneously.
• An ideal candidate should be innovative, result oriented and should be able to demonstrate strong communication.