MetLife logo
Detection Engineer - MetLife Virtual within USA Bookmark Share Print 1564 1 12

Listing Description

Role Value Proposition:  

The Detection Engineer will be part of MetLife’s Threat Research Team and will be focused on building and expanding detection capabilities using a suite of security tools.  This role will be primarily focused on researching threat actor tactics, techniques, and procedures, developing detection capabilities, and identifying ways to improve visibility using the security tools and products.  

    

Key Responsibilities: 

Develop and deploy detections, automations, and alerting infrastructure to identify security events and incidents

Find, gather, and normalize internal and external data to enhance our Security Information and Event Management System (SIEM)

Aid research and engineering initiatives to automate and orchestrate security operations for efficiencies and diligence in support of Threat Research functions and operations

Analyze activity associated with both successful and unsuccessful intrusions by advanced attackers

Work with key stakeholders to incorporate high quality security and alerting into their operational workflows

Build and maintain detection and response metrics and dashboards

Actively participate in the development, documentation, and implementation of new processes to expand and mature capabilities for the organization

 

Essential Business Experience and Technical Skills:

Required:

Strong understanding of Windows operating systems and command line tools, network protocols, TCP/IP fundamentals, and security infrastructure.

Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP, IRC etc.

Scripting and development experience for analysis and automating repeatable processes.

Experience with commercial and open source Threat Intelligence Platforms (TIPs)

Strong communication skills, both written and verbal

Ability to collaborate with different teams

Preferred:

Strong experience analyzing raw log files (i.e. firewall, IDS, PCAP, system logs)and performing data correlation.

Experience with dissamblers/debuggers

Experience working in a Security Operations Center or on an Incident Response Team

BA/BS and/or related certifications (GREM or similar)

 

Listing Details

  • Salary: $100000 - $125000
  • Citizenship: Not Provided
  • Incentives: Bonus

 

  • Education: High School Diploma
  • Travel: No Travel
  • Telework: Full Telecommute

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Useful Links

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765

requests@ninjajobs.org
www.ninjajobs.org
Chat with us!