Director of Application Security

Date Posted: Sep 21, 2022

Location(s): Cary, NC, US, 27513

Company: MetLife

Job Location: Cary, NC

 

The Role:

MetLife’s Global Application Security team, in close collaboration with key stakeholders, plays a pivotal role in securing our application assets and safeguarding sensitive data. This team is responsible for continuous testing, monitoring and remediation efforts using leading industry technologies, including but not limited to Static Application Security Testing (SAST), Software Composition Analysis (SCA), Dynamic Application Security Testing (DAST), Mobile Application Security Testing (MAST), Authenticated Application Ethical Hacking (AEH) and Runtime Application Self Protection (RASP). This team is also responsible for policy setting, secure coding, developer training, threat modeling, technical consultations, code reviews and promoting industry best practices across the organization.

 

The Director of Application Security will lead a team of talented professionals managing core testing services and security engineering functions. While this is a technical, hands-on role, people, time and relationship management skills are a must. The Director works closely with and supports MetLife’s Application Security Coordinators, Application Development, DevSecOps, Enterprise Architecture and our Business Partners.

 

Key Responsibilities:

  • Strong people leader, with a proven track record in successfully managing large, complex, matrixed global teams & cybersecurity programs (or similar technology domains). Thought leadership, industry expertise, data driven and analytical mindset. Capable of effectively presenting technical topics or potential risks to senior leadership and business partners in a manner that is contextual.
  • Cultivate, lead, coach and support a diverse team of security practitioners. Supply vision to improve application security practices to fend against emerging threats using industry frameworks such as MITRE ATT&CK and Cyber Kill Chain. Serve as an application security champion to reinforce our shift-left, secure-by-design philosophy for developing software at MetLife.
  • Oversee the development of new security testing strategies, roadmaps, policies, procedures, detective/preventative controls and security tooling. With an efficiency mindset, help identify opportunities to create efficiencies (simplify, standardize & automate).
  • Solid understanding of vulnerability management programs, strong communicator (written & verbal) with the ability to analyze and quantify threats and inherent risks through a business lens. Comfortable in proposing pragmatic and risk-based mitigation strategies in line with the organization’s residual risk tolerance levels.
  • Passionate leader to foster a warm, open, collaborative work atmosphere that recognizes diversity as one of our biggest strengths. Ability to effectively manage multiple global vendor relations, contracts and budget.

 

Key Relationships:

  • Reports to: AVP & Global Head of Application Security
  • Direct reports/team: 10-15 (plus consultants)
  • Key Stakeholders: Regional Information Security Leads, CIOs, BISOs, Internal/External Audit, Global Risk Functions, Enterprise Architecture, Application Development, Open-Source Office & DevOps Teams

 

Essential Business Experience and Technical Skills:

Required:

 

  • Experienced in developing and maintaining effective application security vulnerability management programs. General knowledge and experience with industry standard frameworks like BSIMM and SAMM. Strong working knowledge of OWASP Top 10 and SANS/CWE Top 25.
  • Strong knowledge of enterprise software development lifecycles (Traditional & DevSecOps) with a proven track record driving security decisions and influencing security best practices amongst development teams.
  • Familiarity with industry standards, regulations and frameworks including PCI-DSS, SOX, SSAE-18, NYDFS, GDPR, CCPA, NIST CSF & ISO 27001.
  • 8+ years in leadership roles managing large highly technical global programs, teams and multimillion-dollar budgets.
  • Bachelor’s degree in a related discipline required (advanced degree preferred)

 

Preferred:

 

"At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers."

 

MetLife:

 

MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

 

We are one of the largest institutional investors in the U.S. with $642.4 billion of total assets under management as of March 31, 2021. We are ranked #46 on the Fortune 500 list for 2021. In 2020, we were named to the Dow Jones Sustainability Index (DJSI) for the fifth year in a row. DJSI is a global index to track the leading sustainability-driven companies. We are proud to have been named to Fortune magazine’s 2021 list of the “World’s Most Admired Companies.”      

 

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

 

We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife.  For further information about how to request a reasonable accommodation, please click on the Disability Accommodations link below.

 

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

 

MetLife maintains a drug-free workplace.

 


Nearest Major Market: Raleigh