Job Description

Moody\'s is a developmental culture where we value candidates who are willing to grow. So, if you are excited about this opportunity but don\'t meet every single requirement, please apply! You may be a perfect fit for this role or other open roles.Moody\'s is a global integrated risk assessment firm that empowers organizations to make better decisions.At Moody\'s, we\'re taking action. We\'re hiring diverse talent and providing underrepresented groups with equitable opportunities in their careers. We\'re educating, empowering and elevating our people, and creating a workplace where each person can be their true selves, reach their full potential and thrive on every level. Learn more about our DE&I initiatives, employee development programs and view our annual DE&I Report atDepartmentMoody\'s Information Risk and SecurityThe Moody\'s IT Risk Management team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody\'s business and regulatory requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and Compliance) reporting and the delivery of security services including the company\'s Cyber Security program. The IT Risk Management team sets strategic direction for IT risk and security globally and aligns with stakeholders throughout the organization.
We are looking for an Identity and Access Management Operations Auditor expert to join our team. The ideal candidate will have a sharp eye for detail and a deep understanding of IAM tools and operations. This role requires a blend of technical expertise and auditing competence to ensure that IAM operational functions adhere to best practices, company standards, and regulatory requirements.Key Responsibilities:

• Review and assess the effectiveness and efficiency of IAM tools and their associated operational processes.
• Identify operational risks associated with IAM functions and recommend mitigation strategies.
• Monitor changes to IAM operations and assess their impact on security and compliance posture.
• Provide detailed reports on audit findings, including areas of non-compliance or potential risk.
• Update and refine auditing procedures and checklists based on the evolving IAM landscape.
• Work with senior management and stakeholders to ensure understanding and acceptance of audit findings.
• Assist in developing action plans to address identified weaknesses and track progress against these plans.
• Stay updated with the latest industry standards, methodologies and emerging threats related to IAM.
• Attend workshops, webinars, and training sessions to improve auditing skills and IAM knowledge.

Qualifications:

• Bachelor\'s degree in Information Technology, Computer Science, or a related field.
• Minimum of 2-3 years of experience with access administration.
• In-depth knowledge of IAM tools, operations, and standard methodologies.
• Demonstrable experience in operational auditing, preferably within the IAM domain.
• Should have good hands-on experience with industry access management tools like Active Directory, Microsoft Exchange (advance knowledge around excel), IDAM, Office 365 etc.
• Experience in oversight, governance and operations of all aspects of access management.
• Ability to script solutions in appropriate tool for automation purposes.
• Proven knowledge of incident and request management especially in relation to applications and security environments.
• Knowledge and proficiency in troubleshooting application problems/issues (from a functional perspective).
• Ability to lead small teams to achieve stated objectives within agreed timescales and meeting required quality standards.
• Understanding of security controls including NIST and ISO 27001.
• Relevant certifications such as CISA, Splunk or Reporting/ BI tools experience is a plus.

Moody\'s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.Candidates for Moody\'s Corporation may be asked to disclose securities holdings pursuant to Moody\'s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

Moody\'s