Listing Description
Role Value Proposition:
The IT Risk & Security Consultant works to continuously improve MetLife’s cyber security posture by providing infrastructure vulnerability management leadership and subject matter expertise. This role will manage a process to ensure MetLife’s pen testing program operates efficiently. In addition to strong knowledge of infrastructure security, this role requires a high level of organization, excellent communication skills with peers and all levels of management, and ability to influence and to quickly re-prioritize and pivot as threats and objectives change.
Key Responsibilities:
- Coordinate and manage various vendor-performed penetration testing activities from vendor selection and procurement through tracking remediation of vulnerabilities to closure
- Drive the global penetration test remediation process in accordance with MetLife’s vulnerability management policy and standard as well as regulatory requirements
- Prepare and present to management periodic status reports and metrics on penetration testing status
- Lead or support additional projects as directed by cyber security management
- Pen testing program responsibilities include: Scoping, threat modeling, create scenario-based testing, remediation governance, post mortem, presenting findings to management
Essential Business Experience and Technical Skills:
Required:
- 7+ years hands on experience in the fields of IT and Cyber Security
- Strong grasp of operational processes, IT general controls, security controls and vulnerability management
- Candidate must have experience working in complex, diverse and global (international) environments and possess excellent communication and presentation skills
- Ability to lead and influence team members and cross-functional teams
- Experience managing projects involving interdepartmental teams and external vendors / third parties
- Familiarity with the following technologies: Splunk, Tanium, QRadar, Force Point DLP, SCCM, Cisco Amp
Preferred:
- Ability to perform basic scripting to analyze and automate repeatable processes
- Relevant industry certifications such as CISM, CISSP, CISA, CCNA-Security, Security+, MCSE, GSEC, GIAC, PMP, LEAN and Six Sigma
- BA/BS degree in related field
Listing Details
- Salary: $95000 - $115000
- Citizenship: Not Provided
- Incentives: Bonus
- Education: High School Diploma
- Travel: No Travel
- Telework: No Telecommute