Listing Description
This role can be done remotely - virtual - work from home - anywhere within the US or from any MetLife office in the US
Role Value Proposition: This role will serve as the lead for MetLife’s Cyber Threat Intelligence Team and will be responsible for analyzing threat actor campaigns and incident response cases relevant to the financial and insurance industry. This analyst supports overall defense activities, provides in-depth analysis of suspected malicious code, develops recommendations on how to counter the threat, and publishes findings for an internal and external audience. The Threat Intelligence Lead will be responsible for mentoring and guiding junior analysts and continuing to mature the capabilities of MetLife’s Cyber Threat Intelligence Team.
Key Responsibilities:
- Lead projects and team initiatives for MetLife’s Cyber Threat Intelligence Team
- Present threat landscape briefings and finished intelligence products utilizing widely accepted community standards and methodologies approved by management
- An understanding of common analysis techniques and frameworks used in CTI, such as threat modeling techniques like the Diamond model, Kill Chain, and F3EAD
- Identify, analyze, correlate, mitigate, track, and develop content for tools & processes related to indicators of compromise
- Develop network and host-based signatures to identify specific malware. Recommend heuristic or anomaly-based detection methods
- Research and develop new tools and scripts to continually update or improve the threat intelligence automation processes, collection methods and analytical capability
- Support the ingestion and validation of IOCs and observables in various security platforms
- Provide subject matter expertise in the detection, analysis and mitigation of malware, trends in malware development and capabilities, and proficiency with malware analysis capabilities
- Support business as usual operations such as monitoring open source for new information and responding to ad-hoc stakeholder RFIs
Essential Business Experience and Technical Skills:
Required:
- Knowledge of networking protocols: TCP/IP, HTTP/HTTPS, FTP, IRC, etc.
- Experience creating malware analysis tools and scripts for use in tasks such as accelerating malware analysis, unpacking malware, and extracting data (e.g., configuration extraction)
- Strong programming experience preferred (C, Python, or PowerShell).
- Strong communication skills, both written and verbal.
- Experience working in a Security Operations Center or on an Incident Response Team
- Ability to collaborate with different teams
- Experience managing small projects.
Preferred:
- BA/BS in related field
- Relevant industry certifications: CISSP, CEH, GREM, CISM, GSEC, CASP+, OSCP, CySA+, etc.
Business Category
IT Risk & Security (ITRS/CISO)
At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.
Listing Details
- Salary: $110000 - $150000
- Citizenship: Not Provided
- Incentives: Bonus
- Education: High School Diploma
- Travel: No Travel
- Telework: Full Telecommute