- Salary: $135000 - $175000
- Citizenship: Not Provided
- Incentives: Bonus
- Education: High School Diploma
- Travel: No Travel
- Telework: Full Telecommute
Role Value Proposition:
This role serves as the lead member of the infrastructure penetration testing team and executes and manages MetLife’s global penetration testing program. The candidate will have the responsibility to identify, setup and support our external partner penetration testing, as well as oversee and perform internal pen testing. The candidate will also have the responsibility to lead a cross-functional engineering team to identify strategies to close vulnerabilities. This role must have a strong understanding of standard enterprise infrastructure, and experience in identifying and eliminating risk in a global environment.
- Develop the strategy and manage the execution of the global internal and external penetration testing program through various initiatives, the creation of new processes and continuous improvement
- Lead and work with a team of analysts and consultants
- Identify testing requirements from internal stakeholders and provide testing parameters to external testing partners
- Setup and conduct scenario-based penetration testing initiatives
- Validation of pen test findings (exploitability and remediation) and of potential vulnerabilities
- Conduct qualitative review of external partner reports to ensure they meet MetLife’s standards for acceptance.
- Assist engineering teams’ efforts in remediating or mitigating identified issues.
Essential Business Experience and Technical Skills:
- 10+ years in leading Pen Testing activities and working in a large enterprise infrastructure (Strategy and execution).
- Leadership experience
- In-depth knowledge of modern enterprise and security architectures of large organizations
- Industry recognized information security and pen testing certifications are preferred: GPEN, CEH, SSCP, OSCP, SSCP etc
- Bachelor’s degree in Computer Science, Information Systems, IT Security or 5+ additional years of related equivalent work experience in lieu of degree is acceptable.
- Knowledge of the MITRE ATT&CK Framework
- Experience leading initiatives in a global environment extending across multiple countries and time zones.
- Strong ability to communicate to stakeholders with various levels of expertise
- Strong verbal and written communication skills.
- Excellent leadership skills and relationship management experience