Ir para o conteúdo
Localização

  • Posting Location: Cary, North Carolina

País
Estados Unidos
Arranjo de trabalho
Tempo integral
Modelo de Trabalho
Híbrido
Data de publicação
04-Mar-2024
ID da vaga
1525

Descrição e requisitos

Role Value Proposition:  

Under the direction of the Red Team Lead, the Red Team Analyst will help develop and perform various Red Team activities and exercises along with a series of periodic penetration tests. The Red Team Analyst will provide subject matter expertise across multiple areas related to continuously enhancing MetLife's security posture. This role will also require advanced analytical and communication skills in order to efficiently interact with global stakeholders and provide input to drive effective remediation across the organization. 


Key Responsibilities: 

  • Perform network penetration and web application testing, social engineering assessments, and red team assessments. 
  • Familiar with and safely able to use various attacker tools, techniques, and procedures. 
  • Assist with scoping prospective engagements, engagements from kickoff through remediation. 
  • Build and coordinate Red Team exercises and initiatives with internal stakeholders from inception to closure.  Perform the assessments using manual and automated techniques.
  • Simulate sophisticated attacks based on their TTPs mapped to the MITRE ATT&CK
  • Simulate sophisticated attacks through social engineering, electronic and physical testing, and defensive control evasion. 
  • Develop comprehensive reports, and presentations on Red Team activities and findings for technical and executive stakeholders. 
  • Document Red Team processes, tactics, techniques, and procedures. 


Qualifications

Required Qualification:

  • Bachelor's degree in computer science, information systems or related field, or equivalent work experience.  
  • At least 2+ years of Red Team experience.
  • At least 4+ years of experience in the penetration testing area, including:
    • Strong experience in Network, web application, and infrastructure penetration testing
    • Proficiency with one or more scripting languages such as Python, PowerShell, and Bash to automate simple tasks.
    • Experience modifying exploits and using exploit tools.
    • Strong knowledge of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell.
    • Knowledge about red teaming methodologies and tools.
    • Knowledge of security controls, including access, intrusion detection/prevention systems (IPS/IDS), security information and event management (SIEM) systems, patch management systems, etc.
    • Experience with testing tools like Cobalt Strike, Metasploit, Nmap, Burp Suite, Wireshark, etc.
    • Knowledge of Active Directory attack paths
    • Email social-engineering assessments.
    • Strong understanding of operating systems network technologies, and protocols.
  • Excellent written and verbal communication skills.
  • Experience documenting high-quality reports.
  • Experience working in complex, diverse, and global (international) environments.
  • Relevant offensive certifications such as OSCP, OSEP, OSCE, GXPN, and GRTP.


Preferred Qualifications:

  • Purple Team experience.
  • Experience using BAS tools.


Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!
Sobre a MetLife

Reconhecida na lista da revista Fortune das "Empresas Mais Admiradas do Mundo" de 2023, bem como na lista das 100 Melhores Empresas para Trabalhar da Fortune ® de 2023, a MetLife, através de suas subsidiárias e afiliadas, é uma das principais empresas de serviços financeiros do mundo; fornecendo seguros, anuidades, benefícios a funcionários e gestão de ativos para clientes individuais e institucionais. Com operações em mais de 40 mercados, ocupamos posições de liderança nos Estados Unidos, América Latina, Ásia, Europa e Oriente Médio.

Nosso objetivo é simples: ajudar nossos colegas, clientes, comunidades e o mundo em geral a criar um futuro mais confiante. Unidos por um propósito e guiados pela empatia, somos inspirados a transformar o próximo século nos serviços financeiros. Na MetLife, é #AllTogetherPossible. Junte-se a nós!
Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.