The Lead Security Engineer is responsible for executing the enterprise-wide strategy to identify, design, develop, and implement technical security solutions to enhance MetLife’s control environment. This hands-on position requires strong collaboration skills to work with cross functional teams to ensure the design of technology solutions complies with MetLife’s information security policies, and regulatory obligations. The candidate will have the ability to identify, document, recommend, and lead security safeguards and configurations in a highly complex environment. Must have the ability to recognize, and appropriately incorporate layered security safeguards within the network, cloud, application, and data layers from a defender’s perspective. Must be an adaptable, pragmatic, and be positive professional, who is comfortable in delivering clear and concise information at both a technical and managerial level.
•Identify, recommend, develop, and implement technical security solutions to enhance MetLife’s control environment. •Manage security product life cycle from vendor management roadmap to Quarterly Business Reviews. •Lead large scale enterprise initiatives from definition and financial acquisition to deployment and transition of support to Security Operations. •Drive milestone planning, deployment coordination, change management, documentation, and user training of new and existing technologies. •Work effectively with other Information Security teams and outsourcing providers to ensure technology security solutions are in alignment with organizational strategic goals. •Ability to work and collaborate with teams around the globe. •Document and transition operational responsibilities to the Security Operations team and to document end user guides for users and partner technology teams. •Ability to identify and fully automate processes
Essential Business Experience and Technical Skills:
•Leadership, teamwork, collaboration, self-driven and effective communication skills - both written and verbal. •7+ years of IT Security Engineering experience working in an enterprise infrastructure or security architecture environment. •7+ years of experience in one or more of the following information security domains ?Endpoint Security – AntiVirus, Data Loss Prevention (DLP), Encryption, Desktop Firewall, Cryptography ?Access Management and Authentication solutions ?Cloud, i.e. Azure, Google, or AWS ?Analysis and Protection, Network and Perimeter Security, Incident Response, and Emerging Technologies (i.e., mobile, cloud).
•5+ years of experience architecting, building, and deploying Security Information and Event Management (SIEM) security solutions. •7+ years of experience working with applications enabled in the cloud, mobile devices, web, and network •Working knowledge of various industry security standards and frameworks including: NIST, ISO 27001, ISF Standard of Good Practice (SoGP), etc.
•Bachelor’s degree in Computer Science, Information Systems or related field •Knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses. •Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, CEH, or other relevant industry certification and/or desire to obtain such certifications.