Role Value Proposition:
This role serves as a key member of the cloud security team, within IT Risk and Security, focusing on security controls for the cloud environment. The primary focus will be securing cloud technologies, ensuring systems are properly implemented, appropriate processes are developed, and daily monitoring and alerts are managed. This role must have a strong understanding of, and experience with, various IaaS, PaaS, and SaaS platforms, identifying and eliminating risks in these environments.
- Partnering with architecture, engineering, application, security, and operational staff to identify and drive resolution on Cloud security projects and issues
- Defining security controls for a Hybrid Cloud implementation using a combination of Cloud native and On-Premise Security tools and applications.
- Conducting security reviews and recommendation for IaaS, PaaS, & SaaS Cloud environments
- Developing Cloud Security requirements documentation for IaaS, PaaS and CaaS environments.
- Defining Network Security and Encryption evaluation and recommendations for complex infrastructure.
- Designing and implementing controls with Azure Information Protection, Azure Advanced Data Security in AWS Security Hub, GuardDuty. Experience with Forseti and Security Health analytics in GCP.
- Administering/securing Containerized environments.
- Interfacing with vendors to ensure the appropriate tools, configurations, and workflows are in place
- Developing data protection proposals using Data loss prevention (DLP), Data discovery / classification, and digital rights management (DRM) tools.
Essential Business Experience and Technical Skills:
- 4+ years of experience with Google Cloud, Microsoft Azure and AWS Infrastructure as a Service and Platform as a Service environments. Awareness of Data Sovereignty and privacy controls around the world and ability to translate that to security control that can be applied in the Public cloud environments.
- 3+ years of Experience with Cloud native security controls in different Cloud environments.
- Minimum of 5 years of experience managing Security within Active Directory in Windows Servers 2012 and 2016. Active Directory Security groups and Group policies administration and design experience and how it can be translated for use in the Cloud IaaS environments and in Azure Active Directory.
- 4+ years of experience with scripting tools like PowerShell or Python from an infrastructure security perspective.
- At least 4 years of experience with Data Loss Prevention tools for Website uploads, Endpoint Data Loss Prevention and Network Data Loss Prevention.
- Minimum of 1 year working on security tools for Containers and microservices environments.
- At least one Industry recognized cloud security certification (CCSP, CCSK, CCC-PCS, etc.)
- Bachelor’s degree in technology or related field required with 8+ years in different information security domains or 10+ years experience with HSD/GED or Associate's degree.
- Industry recognized information security and/or cloud certification are preferred (CISSP).
- 1 Year of Experience with Cloud Access Security Broker Tools like Bitglass, Netskope or M-Vision (Skyhigh) for Data Loss Prevention for SaaS based applications.
- Strong ability to communicate to stakeholders with various levels of expertise
- Strong record of success in supporting large scale programs, preferably in a global organization.
IT Risk & Security
Number of Openings
At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.
MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.
We are one of the largest institutional investors in the U.S. with $651 billion of total assets under management as of September 30, 2020. We are ranked #48 on the Fortune 500 list for 2020. In 2019, we were named to the Dow Jones Sustainability Index (DJSI) for the fourth year in a row. DJSI is a global index to track the leading sustainability-driven companies.
MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.
We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. For further information about how to request a reasonable accommodation, please click on the Disability Accommodations link below.
MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.
MetLife maintains a drug-free workplace.
Requisition #: 116648