Systems Engineer

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are—with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways.

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity.

The Technology Risk Analyst (Systems Engineer) is an integral part of the Technology Risk Management team contributing to the identification and monitoring of TSG controls. This role will partner with technology risk colleagues across all Moody’s business units including Cyber and Enterprise Risk Management. You will be responsible for understanding the technology environment, risks, issues, and cross-functional dependencies for TSG holistically as well as within individual TSG processes.

You will participate in risk assessment and partner with process owners to identify and document controls that reduce inherent risk to an acceptable residual level, using both industry control frameworks and Moody’s minimum technology standards as a guide for complete and consistent coverage. You will advise process owners on control improvements and substantive artifacts that show evidence of an effective control. You will assist process owners in the identification and documentation of issues relative to control design or operating effectiveness. You will assist with the review of control evidence for overall adequacy and reasonableness relative to metrics (e.g., key risk and performance indicators) and related reporting. You will support project management teams with the identification of risks and controls during new system implementations and/or process changes. You will support process teams during internal audit or compliance reviews. You will prepare reporting related to internal controls and assist with other duties as requested as the risk management function continues to mature.

Functional Responsibilities:

• Collaborate with process owners to proactively identify, document, assess, monitor, and report on controls.
• Update and maintain the controls library including formal mapping to industry standards, regulation, and Moody’s minimum technology standards, and TSG processes.
• Support TSG with issue identification, root cause analysis, response, and ownership.
• Enhance the business’ risk maturity by advising on ways to improve the internal control environment.
• Prepare and present reporting on internal controls.
• Participate in the execution of technology risk initiatives, audits and reviews including those related to cyber security, generative AI, mergers and acquisitions, enterprise risk management, compliance and regulatory reporting, business continuity/operational resilience, third-party risk, etc.

Qualifications:

• Undergraduate degree, preferably in Information Technology, Process Engineering, Accounting, Management, or related discipline
• 5-7 years in Technology Risk Management, Internal Audit, IT Compliance, or Enterprise Risk Management
• CISA, CISM, or professional technology/risk management certification a plus
• Familiarity with COBIT, ISO 27001, NIST or other technology control frameworks
• Excellent oral, written, and interpersonal skills
• Highly developed analytical skills and innovative problem-solving abilities, strong attention to detail
• Ability to quickly learn new concepts, curious, and willing to challenge the status quo
• Self-motivated; takes ownership of assigned tasks

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet

Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee’s tenure with Moody’s.