Lead Analyst, Incident Response

Date Posted: Nov 28, 2018

Location: Cary, NC, US, 27513

Company: MetLife

Job Location: United States : North Carolina : Cary  


Role Value Proposition: 

The Lead Analyst, Incident Response will provide key subject matter expertise as it relates to Global Cyber Security Incident Response and is responsible for managing cyber security incidents globally while providing technical expertise to global incident response associates to help manage, identify, remediate, and mitigate cyber security incidents.


Key Responsibilities:

  • Review, triage, escalate, and respond to security events and incidents while analyzing various log, network, malware, forensic, and open source information to validate security threats, recommend appropriate countermeasures, and assess the impact of incidents.
  • Lead the team in developing a Global Threat Intelligence capability, staying abreast of existing and developing threats against MetLife and our industry.
  • Maintain awareness of emerging threats, especially those targeting the financial services industry.  This position requires self-motivation, a strong willingness to learn, and passion for the information security field.
  • Perform proactive engagement (threat hunting) in order to identify potential threats to the environment and its customers.
  • Partner with Cyber Security teams to help script and develop automated processes that support Cyber Security tools and processes.
  • Partner with other teams and vendors on the suite of tools the Incident Response team uses, including Security Information and Event Management.


Essential Business Experience and Technical Skills:



  • Bachelor’s degree in computer science, information systems or related field, or equivalent work experience.
  • Candidate must have 5+ years of combined IT and Cyber Security related work experience.
  • Strong understanding of Windows operating systems and command line tools, network protocols, TCP/IP fundamentals, and security infrastructure.
  • Scripting and development experience for analysis and for automating repeatable processes.
  • Experience with state-of-the-art Security Information and Event Management (SIEM) systems.
  • Experience with a wide range of security tools (endpoint, DLP, IDS, AV…) used by incident response teams.
  • Strong experience analyzing raw log files (i.e. firewall, IDS, PCAP, system logs), performing data correlation, and using SIEM or log management tools.
  • Relevant industry certifications such as CISSP, CCNA-Security, Security+, GIAC, PMP, LEAN and Six Sigma are desired.






At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.




MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.

Requisition #: 106211 

Nearest Major Market: Raleigh