Senior information security consultant job description

Role Value Proposition:


The mission of MetLife's Global Application Security Maintenance & Remediation team is to protect application assets and business reputation while fostering a culture of software currency and zero vulnerabilities in partnership with global stakeholders to safeguard MetLife and customer sensitive data. This is a hands-on project management and technical opportunity within our core application Maintenance and Remediation team where you will drive removal of security vulnerabilities through software upgrades and remediation. You will champion our software currency and zero vulnerability culture across all lines of business and consult directly with software developers, systems architects, and program managers to remediation and upgrade applications across MetLife's systems.


E ssential Knowledge and Skills:



Required:


Bachelor's degree in Business, Project Management, Information Technology, Computer Science, Cybersecurity, or Systems Security Engineering.
4-6 years' experience leading security driven application remediation and upgrade projects Experience with DevSecOps and Agile concepts and methodologies . Proven ability to build relationships and collaborate across the organization that enables escalation of issues and roadblocks. Demonstrated proficiency in areas of matrix management, teamwork, organization, accountability and working with a sense of urgency. Strong technical acumen, writing and communication skills. Self-motivated with a strong propensity to constantly learn and impart knowledge.
Ability to maintain awareness of industry best practices and emerging application security threats, especially those pertaining to the financial services industry. Advanced experience with the entire MS Office suite of tools including MS Project and Power BI.



Preferred:


Professional certification(s) in the Information Security space, PMI, Agile. Experience with Open-Source threat modeling tools and defect tracking systems. Applied knowledge of modern threat modeling concepts, tools, and techniques.



At MetLife, we're leading the global transformation of an industry we've long defined. United in purpose, diverse in perspective, we're dedicated to making a difference in the lives of our customers.



#LI-WRAPJOB



MetLife:


MetLife, through its subsidiaries and affiliates, is one of the world's leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

We are one of the largest institutional investors in the U.S. with $642.4 billion of total assets under management as of March 31, 2021. We are ranked #46 on the Fortune 500 list for 2021. In 2020, we were named to the Dow Jones Sustainability Index (DJSI) for the fifth year in a row. DJSI is a global index to track the leading sustainability-driven companies. We are proud to have been named to Fortune magazine's 2021 list of the “World's Most Admired Companies.”

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. For further information about how to request a reasonable accommodation, please click on the Disability Accommodations link below.

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

Company DescriptionSince 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant's approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.Job Description

Mandiant Security Consulting Services ensures the long-term success of our clients by providing talented, passionate, and specialized security expertise. Our Consultants partner with Mandiant clients to evaluate, create, develop, improve, and mature information security operations and programs. By utilizing the latest industry standards and combining experience and knowledge gained from Mandiant Incident Response, Intelligence and Managed Defense practices, we are able to develop defense forward information security programs for our clients.

As an Information Security Consultant, you will be responsible for helping our clients assess, design and build effective security programs. As an established trusted advisor, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs. This is a regional specific role which must be based out of the central region of the U.S.
What You Will Do:

* Provide guidance on building and/or maturing information security programs and the implementation of tools and technologies used for enterprise security
* Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects
* Implement and/or assess existing security controls
* Provide knowledge of tools and technologies used for enterprise security
* Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients

Qualifications

Minimum Requirements:

* 5+ years experience in professional information security domains
* Basic knowledge of tools used in penetration testing, security event analysis, incident response, computer forensics, network and endpoint architecture, malware analysis or other areas of security operations
* Basic understanding of security frameworks, such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS Fundamental understanding of networking, including TCP/IP protocols and network topology
* Fundamental understanding of operating systems, including Windows, Linux, and OSX
* Basic understanding of security controls for common platforms and devices, including Windows, Linux, OSX and network equipment
* Basic understanding of the components that comprise a successful information security program
* Ability to travel up to 50% (when travel resumes)

Desired Qualifications:

* Must be eligible to work in the U.S. without sponsorship
* Ability to successfully interface with clients and manage expectations
* Ability to document and explain technical details in a clear and concise manner

Additional Information

As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant's COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is a regionally-based role that must be located in the Central Region of the US.