Saltar al contenido
Ubicaciones

  • Posting Location: Cary, North Carolina

País
Estados Unidos
Acuerdo de trabajo
Tiempo completo
Esquema de Trabajo
Híbrido
Asistencia de reubicación disponible
No
Fecha de publicación
25-Abr-2024
ID del trabajo
2442

Descripción y requisitos

Role Value Proposition:

This role serves as a key member of the Application Protection team. The candidate will be part of a team that maintains responsibility for life cycle management of application Distributed Denial of Service (DDoS), Bot Mitigation, and Web Application Firewall (WAF) application defense capabilities.  Life cycle management includes such tasks as; identification and selection of applications, overseeing the onboarding, configuration, and deployment of service, overseeing upgrades, operations, and reporting.  A highly sought candidate for this role will be dynamic and initiative-taking, possess a passion for application security, enjoy solving complex problems, enjoy sharing knowledge with others, excel under pressure, and constantly look for opportunities for team and personal improvement.  Candidate must have a strong understanding of application security, especially Akamai.

 

Key Responsibilities:

  • Ownership of application defense services - Ensure all new services are reviewed and included in network protection controls.
  • Monitor/be aware of new DDoS and cybersecurity threats and regular review of controls to maintain effectiveness.
  • Coordinate engineering teams’ efforts in remediating or mitigating identified issues.
  • Guide engineering peers and other counterparts on policies, procedures, and operational concerns regarding WAF configurations and migrated applications.
  • Provide design, implementation, and migration support for moving applications behind a WAF.
  • Make recommendations to transition applications from monitoring to blocking in WAF security policy.
  • Perform attack signature analysis and recommendations, and policy exception processing.
  • Provide guidance to customers on application security configuration, security protocols, and defensive security response.
  • Assist customers with onboarding and provisioning applications/websites in application defense systems.
  • Work with responsible teams to develop reporting to show the effectiveness of controls.
  • Operating issue resolution, documenting actions in the ticketing system, knowledge base, or document storage location, and engaging vendor support as required.
  • Ability to liaise and engage with stakeholders / technical teams, cross-functional teams, and project staff.
  • Establish yourself as a trusted security advisor internally and externally.
  • Appropriately manage time and customer issues based on issue severity and business needs.
  • Support individuals/teams working on projects to ensure alignment with overall security goals.
  • Keep abreast of new and emerging technologies, perform evaluation, and make recommendations to leadership for incorporation into architectural vision.
  • Evaluate existing and/or proposed infrastructure solutions for compliance with security standards, and provide recommendations and approval as required.
  • Provides informal assistance such as technical guidance, and/or training to coworkers.

 

Essential Business Experience and Technical Skills:

Required:

  • 5+ years of information security applications and systems experience including experience documenting, implementing, and supporting one or more of the following enterprise-level products: DDoS protection solutions, WAF solutions, and/or application security solutions.
  • Information security/technology applications and systems experience
  • Experience troubleshooting and investigating operational issues related to Akamai.
  • Must have a background in Security / Vulnerability engineering.
  • Ability to proficiently use relevant tools and technologies for DDoS, WAF, and Bot detection and mitigation.
  • Experience with Web Application Firewalls (WAF), and Bot Monitoring
  • Advanced knowledge of IT architecture standards and governance.

 

Preferred:

  • Bachelor’s degree in computer science, Information Systems, IT Security, or 5+ additional years of related equivalent work experience instead of a degree is required.
  • Knowledge of the PCI framework, App Architecture, and Akamai.
  • In-depth knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
  • Experience leading initiatives in a global environment extending across multiple countries and time zones.
  • Ability to prioritize work, meet deadlines, achieve goals, and work under pressure in a complex environment with moderate supervision.
  • Knowledge and understanding of Power BI reporting.
  • Frequent contact with customers, contractors, and other internal teams to assess, resolve, and work through complex requirements and issues.
  • Candidate is considered an SME in DDoS mitigation technologies (cloud, network, CPE), merging global operational support (on-net, off-net, CPE-based products), and countermeasure experience (vendor-specific, rate limiting, etc.).
  • Excellent incident reporting skills are desired; a forensics background is a plus. The ability to provide consulting, policy reviews, training, security audits, and advisories, as well as support for malware/DDoS attacks, internal compromises, and other malicious events will be part of this skill set.

 

At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.

Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!
Acerca de MetLife

Reconocida en la lista de la revista Fortune de las "Empresas más admiradas del mundo" de 2023, MetLife, a través de sus subsidiarias y afiliadas, es una de las empresas de servicios financieros líderes en el mundo; proporcionando seguros, anualidades, beneficios para empleados y gestión de activos a clientes individuales e institucionales. Con operaciones en más de 40 mercados, ocupamos posiciones de liderazgo en Estados Unidos, América Latina, Asia, Europa y Medio Oriente.

Nuestro propósito es simple: ayudar a nuestros colegas, clientes, comunidades y al mundo en general a crear un futuro más seguro. Unidos por un propósito y guiados por la empatía, estamos inspirados para transformar el próximo siglo en servicios financieros. En MetLife, es #AllTogetherPossible. ¡Únete a nosotros!
Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.