At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are—with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. Moody’s is transforming how the world sees risk. As a global leader in ratings and integrated risk assessment, we’re advancing AI to move from insight to action—enabling intelligence that not only understands complexity but responds to it. We decode risk to unlock opportunity, helping our clients navigate uncertainty with clarity, speed, and confidence.

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Skills and Competencies

• 3+ years in a technology risk management, internal audit, or compliance role with a focus on internal control monitoring and testing
• Technical expertise to evaluate control activities and ensure compliance with required technology policies, standards, and regulatory standards.
• Understanding of IT Control Frameworks such as COBIT, ITIL, NIST and COSO
• Understanding of Risk Management/Operational Risk Management and Internal Controls testing methodology
• Understanding of artificial intelligence concepts, with eagerness to develop and implement innovative AI solutions, in alignment with safe and responsible AI practices
• Ability to handle complexity and ambiguity
• Proven track record building strong relationships across multiple business functions
• Professional qualifications such as a CPA, CISSP, CISM, CISA, CRISC etc. is a plus
• AI-focused certifications (AAISM, CSPAI) is a plus
• Basic understanding of artificial intelligence concepts, with curiosity and enthusiasm for learning how AI tools—such as Copilot and ChatGPT—can be used to improve processes and drive efficiency.
• Interest in exploring agentic AI systems and a willingness to develop awareness of responsible AI practices, including risk management and ethical use.

Education 

• Bachelor’s degree in related field of study (Information Systems, Computer Science, Risk Management, or related field)

Responsibilities

Assist in the coordination and execution of the Technology Control and 1st Line of Defense Monitoring Testing program

• Responsible for contributing to technology risk/control framework and assessment program to ensure alignment with industry risks, trends, new technologies and new/changes in regulatory requirements
• Manages IT risk advisory engagements to include conducting meetings with control owners, conducting control tests, and analyzing and communicating results
• Perform risk-based testing activities that independently evaluate the design and effectiveness using advanced technological tools; develop technological strategies to efficient and effective testing execution
• Exhibit high attention to details in identifying, aggregating, and communicating issues and control gaps to appropriate stakeholders
• Display interpersonal skills to articulate results/conclusions of control testing activities to key stakeholders
• Demonstrate understanding of operational risk, technical risk, control testing methodologies, and related regulatory and compliance standards
• Implement AI and automation tools to enhance testing efficiency, improve risk identification, control documentation, workflow efficiency, and reporting accuracy.
• Contribute to ad-hoc assignments/special projects to support the 1st Line Risk Team

About the team

Our 1st Line of Defense Risk Management team is responsible for overseeing and facilitating the risk management framework & methodology through effective risk management practices. This role will have responsibilities supporting the first line technology risk management team, including the successful execution of the Risk and Control Self‑Assessments (RCSAs) across the Moody’s Ratings technology environment. The position provides technical acumen, risk expertise, and execution capabilities to identify, assess, document, and manage technology risks, ensuring risks and controls are accurately represented and aligned with organizational risk standards. The role partners closely with technology and engineering teams to assess inherent and residual risk, evaluate control design and operating effectiveness, identify gaps and issues, and support remediation and ongoing risk monitoring activities

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.