At a Glance
- Tasks: Lead cybersecurity strategy and manage risks for business units while promoting a secure culture.
- Company: Join Moody's, a global leader in risk assessment and innovative AI solutions.
- Benefits: Inclusive environment, competitive salary, and opportunities for professional growth.
- Other info: Collaborative team focused on embedding security into innovation and daily operations.
- Why this job: Make a real impact by transforming how the world sees risk and security.
- Qualifications: Strong background in information security and experience with cloud-native environments.
The predicted salary is between 80000 - 120000 £ per year.
At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are—with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. Moody’s is transforming how the world sees risk. As a global leader in ratings and integrated risk assessment, we’re advancing AI to move from insight to action—enabling intelligence that not only understands complexity but responds to it. We decode risk to unlock opportunity, helping our clients navigate uncertainty with clarity, speed, and confidence.
We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity.
Skills and Competencies- Strong background in information security, cybersecurity engineering, or security architecture, enabling effective advisory support to the business.
- In-depth knowledge of cybersecurity and risk management frameworks such as NIST Cybersecurity Framework, ISO 27001, and Cloud Security Alliance controls.
- Ability to translate complex technical risks into clear, actionable business language for senior stakeholders.
- Experience working with cloud-native environments, modern application architectures, and DevOps practices.
- Excellent stakeholder management, communication, and executive-level presentation skills.
- Professional certifications such as CISSP, CISM, CISA, CCSP, or similar (preferred).
- Demonstrated understanding of artificial intelligence concepts, with experience using AI-enabled tools to improve security analysis, risk management processes, and operational efficiency, while maintaining awareness of ethical and responsible AI use.
- Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related discipline (or equivalent professional experience).
- Vice President -BISO will act as the primary cybersecurity partner for assigned business units, embedding secure‑by‑design practices, managing risk, and aligning security strategy with business objectives.
- Serve as the primary security liaison for business unit leadership, ensuring enterprise security strategy is embedded into business planning and decision‑making.
- Partner with engineering and architecture teams to apply secure design patterns, cloud security frameworks, and cybersecurity best practices.
- Conduct, oversee, and validate cybersecurity risk assessments covering applications, products, and third parties, and maintain risk registers.
- Ensure alignment with applicable regulatory and compliance frameworks, including GDPR, DORA, and other jurisdictional requirements.
- Support cyber vendor risk management activities by reviewing onboarding assessments, continuous monitoring outputs, and risk exceptions.
- Act as an escalation point between business applications, Security Operations, and Incident Response teams during security events.
- Promote cybersecurity culture by supporting security awareness initiatives and developing Security Champions within the business.
- Prepare and present updates on security posture, key risks, metrics, and roadmaps to senior leaders and governance forums.
Our Cyber Security team is responsible for protecting Moody’s information assets and enabling the business to operate securely and resiliently. The team partners closely with technology and business stakeholders to embed security into products, platforms, and daily operations, supporting innovation while effectively managing risk.
VP, Information Security Strategy & Enterprise Risk employer: PowerToFly
At Moody's, we pride ourselves on fostering an inclusive and innovative work environment where every employee is empowered to contribute their unique perspectives. As a global leader in risk assessment, we offer exceptional growth opportunities, a commitment to professional development, and a culture that champions collaboration and integrity. Located in a vibrant city, our team thrives on the cutting-edge of technology, particularly in AI and cybersecurity, making it an exciting place for those passionate about transforming risk into opportunity.
StudySmarter Expert Advice🤫
We think this is how you could land VP, Information Security Strategy & Enterprise Risk
✨Tip Number 1
Network like a pro! Reach out to current employees at Moody's on LinkedIn or through mutual connections. A friendly chat can give you insider info and might even lead to a referral, which is always a bonus!
✨Tip Number 2
Prepare for the interview by understanding Moody's values and how they align with your own. Think of examples from your past experiences that showcase your ability to invest in relationships and champion diverse perspectives.
✨Tip Number 3
Show off your skills! Be ready to discuss how you've tackled cybersecurity challenges in the past. Use clear, business-friendly language to explain complex concepts—this will impress those senior stakeholders.
✨Tip Number 4
Don’t hesitate to apply through our website, even if you don’t tick every box. Moody's values potential and diverse backgrounds, so your unique experiences could be just what we need!
We think you need these skills to ace VP, Information Security Strategy & Enterprise Risk
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter to highlight how your experience aligns with the role. Use keywords from the job description to show that you understand what Moody's is looking for.
Showcase Your Skills:Don’t just list your qualifications—demonstrate how your skills in information security and risk management can benefit Moody's. Share specific examples of how you've tackled similar challenges in the past.
Be Authentic:Moody's values diverse perspectives, so don’t be afraid to let your personality shine through in your application. Share your unique experiences and insights that make you a great fit for the team.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining our team!
How to prepare for a job interview at PowerToFly
✨Know Your Cybersecurity Frameworks
Make sure you’re well-versed in key cybersecurity frameworks like NIST and ISO 27001. Be ready to discuss how these frameworks can be applied in real-world scenarios, especially in relation to risk management and compliance.
✨Translate Tech Speak into Business Language
Practice explaining complex technical risks in simple terms. You’ll need to communicate effectively with senior stakeholders, so think about how you can make your insights actionable and relevant to business objectives.
✨Showcase Your Stakeholder Management Skills
Prepare examples of how you’ve successfully managed relationships with various stakeholders. Highlight your communication and presentation skills, as these will be crucial for the VP role at Moody's.
✨Demonstrate Your AI Knowledge
Brush up on your understanding of AI concepts and how they relate to cybersecurity. Be ready to discuss any experience you have with AI-enabled tools and how they can enhance security analysis and risk management.
