The organization has strengthened its application defense by implementing secure coding practices, managing third-party dependencies, enhancing container security, and improving CI/CD pipeline controls. These efforts are underpinned by a strong focus on secure architecture and empowering developers with the necessary tools and knowledge. Offensive security capabilities have also been expanded to include comprehensive testing strategies, real-world threat simulations, and close collaboration with threat intelligence teams to proactively identify and mitigate risks. In parallel, advancements in automation, vulnerability management, reporting, and system resilience contribute to efficient and scalable security operations. Ongoing initiatives also prioritize the integration of emerging technologies such as AI, along with threat modeling and the application of advanced security techniques, all aimed at further developing the team's expertise and preparedness.

• Collaborate with Cybersecurity and Engineering teams to build security automation, enhance tooling, and support secure development practices.

• Develop and maintain internal tools to improve the security lifecycle, reduce manual efforts, and streamline developer workflows.

• Design and construct Python-based microservices using modern API frameworks on Azure and GCP, leveraging services like Kubernetes, Application Gateway, Cosmos DB, Redis, and EventHub/Grid.

• Deploy infrastructure and applications using Infrastructure-as-Code (IaC) tools such as Terraform and Atlantis.

• Integrate robust authentication and authorization mechanisms, including OAuth2 and token-based access, into internal tools and services.

• Build secure and efficient CI/CD pipelines, embedding security checks and automating policy enforcement across development stages.

• Explore and implement AI-assisted tooling to enhance threat detection, code review, and anomaly detection across security workflows.

• Perform operational tasks and continuously evaluate emerging technologies to strengthen MSCI’s security engineering capabilities.

• Basic to intermediate experience coding in Python, ideally with exposure to building simple scripts, tools, or web APIs.

• Familiarity with CI/CD pipelines and version control systems like Git; experience contributing to secure software delivery is a plus.

• Introductory knowledge of cloud platforms such as Azure or GCP, and a desire to deepen skills in cloud-native development and deployment.

• Understanding of authentication and authorization concepts, especially OAuth2, and how they apply to modern applications and APIs.

• Exposure to infrastructure-as-code tools (e.g., Terraform) or interest in learning how to automate deployments and security controls.

• Basic knowledge of Linux, networking fundamentals, and common security vulnerabilities.

• Strong communication skills and willingness to collaborate with cross-functional teams (engineering, cloud, security).

• Curiosity about AI-assisted tooling for code analysis or threat detection is encouraged.

• Eagerness to learn, take feedback, and grow into a more senior role over time.

What we offer you

• Transparent compensation schemes and comprehensive employee benefits, tailored to your location, ensuring your financial security, health, and overall wellbeing.

• Flexible working arrangements, advanced technology, and collaborative workspaces.

• A culture of high performance and innovation where we experiment with new ideas and take responsibility for achieving results.

• A global network of talented colleagues, who inspire, support, and share their expertise to innovate and deliver for our clients.

• Global Orientation program to kickstart your journey, followed by access to our Learning@MSCI platform, LinkedIn Learning Pro and tailored learning opportunities for ongoing skills development.

• Multi-directional career paths that offer professional growth and development through new challenges, internal mobility and expanded roles.

• We actively nurture an environment that builds a sense of inclusion belonging and connection, including eight Employee Resource Groups. All Abilities, Asian Support Network, Black Leadership Network, Climate Action Network, Hola! MSCI, Pride & Allies, Women in Tech, and Women’s Leadership Forum.

At MSCI we are passionate about what we do, and we are inspired by our purpose – to power better investment decisions. You’ll be part of an industry-leading network of creative, curious, and entrepreneurial pioneers. This is a space where you can challenge yourself, set new standards and perform beyond expectations for yourself, our clients, and our industry.

MSCI is a leading provider of critical decision support tools and services for the global investment community. With over 50 years of expertise in research, data, and technology, we power better investment decisions by enabling clients to understand and analyze key drivers of risk and return and confidently build more effective portfolios. We create industry-leading research-enhanced solutions that clients use to gain insight into and improve transparency across the investment process.

MSCI Inc. is an equal opportunity employer. It is the policy of the firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, gender, gender identity, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy (including unlawful discrimination on the basis of a legally protected parental leave), veteran status, or any other characteristic protected by law. MSCI is also committed to working with and providing reasonable accommodations to individuals with disabilities. If you are an individual with a disability and would like to request a reasonable accommodation for any part of the application process, please email Disability.Assistance@msci.com and indicate the specifics of the assistance needed. Please note, this e-mail is intended only for individuals who are requesting a reasonable workplace accommodation; it is not intended for other inquiries.

To all recruitment agencies

MSCI does not accept unsolicited CVs/Resumes. Please do not forward CVs/Resumes to any MSCI employee, location, or website. MSCI is not responsible for any fees related to unsolicited CVs/Resumes.

Note on recruitment scams

We are aware of recruitment scams where fraudsters impersonating MSCI personnel may try and elicit personal information from job seekers. Read our full note on careers.msci.com