Security Analyst

Metropolitan Life este parte a MetLife, Inc. (NYSE: MET), una dintre cele mai importante companii de servicii financiare din lume, oferind asigurări, anuități, beneficii pentru angajați și gestionarea activelor pentru a-și ajuta clienții individuali și instituționali să pășească cu încredere în viitor. Fondată în 1868, MetLife are operațiuni în peste 40 de piețe la nivel global și deține poziții de lider în Statele Unite, Japonia, America Latină, Asia, Europa și Orientul Mijlociu.

În România, Metropolitan Life are peste 25 ani de activitate pe piața de asigurări de viață. Peste 4 milioane de clienți beneficiază de asigurări de viață și pensii private obligatorii oferite de Metropolitan Life la nivel local

Required:

• Minimum of 3 years' IT or network security experience.
• Bachelor's degree in information systems or equivalent work experience.
• Strong cross-functional collaboration skills, relationship building skills
• In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
• Excellent technical knowledge of mainstream operating systems [Windows and Linux] and a wide range of security technologies, such as network security appliances, identity, and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
• Knowledge of core network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
• In-depth knowledge of risk assessment methods and technologies.
• Experience with common information security management frameworks.
• Proficiency in performing risk, business impact, control and vulnerability assessments and remediation
• Strong understanding of business application architecture
• Experience in developing, documenting, and maintaining security policies, processes, procedures and standards.
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
• Strong written and verbal communication skills.

Preferred:
• Previous knowledge or familiarity with the following security tools (Palo alto, BlueCoat, Mobileiron, RSA SecurID, Cisco AMP, Crowdstrike, Tanium, Forcepoint, Guardium, Qualys, Kenna, Cyberark)
• Audit, compliance, or governance experience.

• Works with information security leadership to rollout strategies and plans to enforce security requirements and address identified risks.
• Works closely with the IT Risk and Security team to identify, select and implement technical controls.
• Develops security processes and procedures and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
• Provides support for Security Incidents and Response
• Works with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments.
• Assists in the coordination and completion of information security operations documentation.
• Reports to management concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
• Collaborates on critical IT security projects to ensure that security issues are addressed throughout the project life cycle.
• Advises security administrators on normal and exception-based processing of security authorization requests.
• Researches, evaluates, and recommends information-security-related hardware and software, including developing business cases for security investments.