Share this Job

Consultant, Application Security

Date Posted: Nov 30, 2018

Location: Cary, NC, US, 27513

Company: MetLife

Job Location: United States : North Carolina : Cary  


Role Value Proposition: 

MetLife’s Application Security Team within IT Risk & Security group leads the effort to secure the large and diverse application portfolio in the enterprise. The Consultant position coordinates the activities within the application security lifecycle which includes the security requirements and SDL alignment across global development teams, organizing and managing global testing effort leading to smooth and efficient testing cycles and remediation are performed according to best practices and performed on schedule. This is a position with high visibility and representation of the IT Risk & Security group to application development leaders both within the company and outside MetLife.


Key Responsibilities: 

  • Coordinate and monitor the compliance of global development team’s adherence to the SDL process and the related processes
  • Facilitate the execution of web application security testing across all of the enterprise’s web applications on both a continuous and recurring risk based review schedule.
  • Coordinate with application development teams to evaluate web application vulnerabilities and offer necessary consulting help to remediation of vulnerabilities
  • Oversee and manage the documentation of flaws into risk registry and track remediation activities
  • Collaborate with the global IT Risk and Security team to ensure the alignment on global delivery
  • Assist in the generation of metrics to drive the continuous improvement program and present current state of security status to management team


Essential Business Experience and Technical Skills:



  • Bachelor’s degree in Computer Science, Information Systems, or related field preferred, or years equivalent work experience.
  • 5+ years of combined Application Security Management, Cyber Security or Application Security Testing experience
  • Experience with JIRA or other defect tracking system in an Agile Scrum environment
  • Experience in SDL lifecycle or development projects
  • Experience managing several testing efforts concurrently



  • Knowledge of OWASP Top 10 and SANS/CWE Top 25
  • Professional certifications preferred, such as CSSLP, CEH, or OSCP
  • Experience with Archer
  • Scripting skills



At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.



MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.

Requisition #: 106242 

Nearest Major Market: Raleigh