Saltar al contenido
Ubicaciones

  • Ubicaciones de publicación: Cary, North Carolina

City/Cities
Cary
País
Estados Unidos
Acuerdo de trabajo
Tiempo completo
Esquema de Trabajo
Híbrido
Asistencia de reubicación disponible
No
Fecha de publicación
22-Ago-2024
ID del trabajo
4114

Descripción y requisitos

Position Overview:


This role will be responsible for managing and maturing our cybersecurity posture by leveraging threat intelligence tools, internal and external information to monitor the cybersecurity risks associated with third-party vendors and remediating security findings and incidents. This role is crucial to protecting our organization from potential threats introduced though our vendor ecosystem.


Key Responsibilities:

  • Mature and manage the Continuous Monitoring and Incident Response program to evaluate the security posture of third-party vendors.
  • Experience with monitoring tools (e.g., BlueVoyant, SecurityScorecard, KY3P, etc.) to detect, analyze, and respond to potential threats from vulnerabilities originating with Third Party vendors.
  • Develop Metrics and dashboards to provide real-time insights into Third Party vendors security performance using tools like PowerBI, SharePoint and Excel.
  • Utilize threat intelligence to proactively identify emerging threats related to Third Parties and continuously monitor for indicators of compromise (IOCs) and other signs of potential security incidents.
  • Analyze security alerts and logs to identify and assess the impact of Third Party incidents.
  • Develop, implement, and maintain risk mitigation strategies and plans.
  • Partners with cross-functional teams to improve the quality of security incident response management throughout the organization.
  • Act as a primary point of contact for Third Party related security incidents and coordinate with internal and external stakeholders during security incidents to ensure timely and effective response.
  • Lead efforts to contain and mitigate the impact of incidents involving Third Parties.
  • Conduct thorough post-incident reviews to determine the root cause and prevent recurrence.
  • Document and share lessons learned and update incident response plans and procedures based on findings.
  • Assess existing detection and response capabilities and provide recommendations for improvements.
  • Report on incident details, impacts, and remediation efforts to senior management and stakeholders.
  • Communicate security expectations and requirements to Third Party vendors clearly and effectively.
  • Oversight of resources in Center of Excellence (CoE) supporting the program.

 

Qualifications:

Required:

  • Minimum 3-5 years’ experience in Third Party Cyber Risk Management or related work.
  • Strong knowledge of global security and privacy breach laws and regulatory reporting.
  • Technical expertise in information security, including familiarity with penetration and intrusion techniques and attack vectors.
  • Proficiency in security monitoring and assessment tools and platforms.
  • Excellent analytical, problem-solving, and decision-making skills.
  • Strong communication and interpersonal skills.
  • Detail oriented with the ability to manage multiple tasks and prioritize effectively.

 

Preferred: 

  • Bachelor’s degree in cyber security, Information Technology, Computer Science, or a related field.
  • Relevant information security certifications (e.g., CISSP, CISM, CEH, CRISC, CISA, OSCP, GPen) highly preferred.
  • Experience implementing policies, procedures, and technology to detect and recover from a cybersecurity attack.
Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!
About MetLife

Recognized on Fortune magazine's list of the 2024 "World's Most Admired Companies" as well as the 2024 Fortune 100 Best Companies to Work For ®, MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.

Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we’re inspired to transform the next century in financial services. At MetLife, it’s #AllTogetherPossible. Join us!
Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.