Saltar al contenido
Ubicaciones

  • Ubicaciones de publicación: Cary, North Carolina

País
Estados Unidos
Acuerdo de trabajo
Tiempo completo
Esquema de Trabajo
Híbrido
Asistencia de reubicación disponible
No
Fecha de publicación
27-Jun-2024
ID del trabajo
3289

Descripción y requisitos

Role Value Proposition:

MetLife's Global Application Security team's mission is to identify, protect, detect, respond, and recover from threats to business applications in near real-time. This is a hands-on technical role where you will be accountable for the timely delivery of application security compliance testing.

 

As an Application Security Analyst, you will work directly with application developers and program managers as a trusted advisor ensuring that software development teams, using either Agile or Waterfall methodologies, adopt a security-first or 'secure-by-design' methodology integrated through automation in their SDLC processes. You will ensure software vulnerabilities are detected and correctly remediated by application developers early in the software development lifecycle as part of MetLife's 'secure-by-design' adoption strategy. You will Analyze, support & administer one or more specialized security tools, systems, software, and procedures. Help identify potential gaps and develop technical controls to compensate. You will be responsible for managing a range of business applications, including web applications, mobile applications, and API services. This role has high visibility that supports the business and cybersecurity goals of MetLife's senior leadership with opportunities for growth. Your technical knowledge, analytical thinking, time management skills, business acumen, and consistent operational discipline are your keys to success.

 

Key Responsibilities:

  • Provide security testing coordination and consultation services in a timely manner to software application development teams and other enterprise stakeholders as required for a portfolio of API services, web, and mobile applications.
  • Drive the discovery, understanding, and remediation of application vulnerabilities that are found using static code analysis, dynamic analysis, open-source software composition analysis tools, and ethical hacking methodologies.
  • Champion and promote a secure-by-design and Agile security culture across MetLife development teams.
  • Enforce compliance with MetLife's application cyber security policies and standards.
  • Continuously increase the effectiveness (i.e., planning, communication, and timely execution) of MetLife's global application security program.

 

Essential Business Experience and Technical Skills:

Required:

  • Bachelor’s degree in computer science, Cyber Security, Information Technology, or related discipline.
  • 2-4 years of combined experience in software development, cyber and data security/ application security testing, and program management.
  • Experience with static code analysis, dynamic analysis, and open-source composition analysis using managed security testing platforms and application ethical hack testing.
  • Proficient in the SANS/CWE Top 25 and the OWASP Top 10 as well as API security testing best practices and remediation.
  • Strong technical communication, analytical, and time management skills to effectively and succinctly, convey vulnerability flaw details and a recommendation for remediation to developers and leadership.

 

Preferred:

  • Professional certifications such as SANS GWAPT, CEH, OSCP, or a CSSLP certification.
  • Ability to perform secure code reviews. Programming language proficiency in Java, JavaScript, C#, and Python.
  • Experience with white-box/black-box open source and commercial application security testing tools, tactics, techniques, and procedures.
  • Experience with technology innovation (e.g., Cloud, Azure, AI, ML) ethical hacking, security testing automation, and defect tracking.
  • Ability to maintain proficiency in emerging application security threats, especially those targeting the financial services industry. This position requires self-motivation, a strong willingness to learn, and a passion for application security.

 

At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.

Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!
Acerca de MetLife

Reconocida en la lista de la revista Fortune de las "Empresas más admiradas del mundo" de 2023, MetLife, a través de sus subsidiarias y afiliadas, es una de las empresas de servicios financieros líderes en el mundo; proporcionando seguros, anualidades, beneficios para empleados y gestión de activos a clientes individuales e institucionales. Con operaciones en más de 40 mercados, ocupamos posiciones de liderazgo en Estados Unidos, América Latina, Asia, Europa y Medio Oriente.

Nuestro propósito es simple: ayudar a nuestros colegas, clientes, comunidades y al mundo en general a crear un futuro más seguro. Unidos por un propósito y guiados por la empatía, estamos inspirados para transformar el próximo siglo en servicios financieros. En MetLife, es #AllTogetherPossible. ¡Únete a nosotros!
Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.