Skip to content

  • Posting Location: Cary, North Carolina

United States
Working Schedule
Work Arrangement
Relocation Assistance Available
Posted Date
Job ID

Description and Requirements

Team and Role Overview

The Response Engineering team is the last line of defense of protection against adversaries and responsible for remediating threats detected in the MetLife environment. Being a Response Engineer puts you in the pilot seat of defending against cyberattacks while creating solutions to automate and scale response actions. We strongly believe in quickly responding to and remediating security threats allowing leadership to focus on their business objectives.

The Response Engineering team has extensive experience conducting investigations on endpoints, servers, and emerging threat surfaces such as identity, email, SaaS, and cloud. The team utilizes a range of techniques such as analyzing telemetry data from security platforms, malware analysis, and threat hunting. We take advantage of SOAR capabilities to perform immediate actions when threats are detected. As Response Engineers, one of our goals is to identify opportunities to increase our efficiency and ensure we minimize the amount of time customer environments remain vulnerable. We do this by finding creative and innovative ways to use existing tooling to add into our arsenal while decreasing the amount of time it takes to respond to an incident and allowing the business to return to a normal operating status.

Key responsibilities

  • Assume a SME role, taking ownership of tooling and processes, driving enhancements to elevate team capabilities.
  • Utilize MetLife’s security products to analyze, contain, and remediate threats.
  • Identify effective response strategies to further enhance the MetLife security posture.
  • Actively engage and collaborate with the Detection Engineering, Threat Hunting, and Engineering teams to develop new ways of performing timely remediation of identified threats.
  • Contribute technical content such as playbooks, scripts, and automation tooling to enhance processes, investigation workflows, and infrastructure.
  • Engage with internal and external customers to resolve cybersecurity incidents.
  • Take part in an on-call rotation responding to escalations from the SOC.


Essential Business Experience & Technical Skills


  • 2+ years of Incident Response or comparable industry experience (threat hunting, threat detection and response, malware analysis, etc).
  • 2+ years working knowledge and experience with one or more scripting languages: Bash, Perl, Python, JavaScript, PowerShell, KQL.
  • Successful completion of one or more of the following certifications: CISSP, OCSP, CEH, GCIA, GCIH, GCFA, CYSA, Security+.
  • 2+ years’ experience with Endpoint Detection and Response (EDR) products including CarbonBlack, CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, and Palo Alto Cortex.
  • 2+ years’ experience with or the capacity to learn how to analyze telemetry from and within various email, identity, and cloud computing technologies including, but not limited to, AWS, Azure, Google Cloud Protection and Okta, Microsoft Entra ID.
  • 2+ years’ experience understanding the internal system functionality of Windows, MacOS and Linux operating systems with the ability to perform deep forensics.



  • Strong analytical, investigative, and problem-solving skills.
  • Ability to work in a fast-paced, operational environment and successfully prioritize important tasks.
  • Professional and articulate with excellent written and verbal communication skills.
  • Deep interest in understanding and staying current with the latest adversary tactics and techniques.
  • Understanding of enterprise technology, network controls, cloud environments, and security operations
  • Understanding of security principles as it relates to email, identity, and cloud computing environments.
  • Understanding of network communication.
Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!
About MetLife

Recognized on Fortune magazine's list of the 2023 "World's Most Admired Companies" as well as the 2023 Fortune 100 Best Companies to Work For ®, MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.

Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we’re inspired to transform the next century in financial services. At MetLife, it’s #AllTogetherPossible. Join us!
Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.