Assistant Manager - Technology Services

Apply now »

Date Posted: May 6, 2024

Location(s): Noida, IN

Company: MetLife

Assistant Manager - Technology Services

 

Position Summary

 

 

The team protect the MetLife’s Cyber Security interest by providing oversight and monitoring on Infrastructure and Application Security, as well as responding to the cyber related incidents our role is to guide the first line of defense functions (Operations, Engineering….) to properly secure the environment and provide management/partners with the visibility of overall security posture. We also monitor the environment for security incidents and lead the response to Cyber threats.

 

  • To provide managed detection, incident investigation and proactive hunting, thus minimizing the potential business impact from cyber attacks
  • Continuous vigilance, to establish whether a compromise has occurred, and provide expert assessment of the nature, scope and implications of the incident along with tailored remediation steps specific to the environment.
  • Submit, Review and Action the new Archer Incident ticket submitted on Archer Incident Tool
  • Submitting new Incident ticket on Service Now
  • Communication with all the global regional IT Security teams for tracking the archer incident submitted for timely closure post resolution
  • Performing risk analysis for the compromised MetLife Machines attacked by Malicious Domains to check suspicious activities by using MetLife Internal Tools
  • Analyze and take corrective action on the Phishing emails sent to MetLife employee

 

 

 

Job Responsibilities

 
  1. Responsible for gathering correct information to submit Archer Incident requests
  2. Risk assessment and Impact analysis of the compromised machines infected by Malicious Domains
  3. Interact with different regional security teams and engineers daily in context to suspicious activities reported  for compromised machines for containment
  4. Analyze Financial Services ISAC emails to check multiple vulnerabilities reported which can be exploited by malicious people to disclose certain sensitive information, manipulate certain data, and cause a DoS (Denial of Service)
  5. Reporting of logs and updating hashes on SharePoint for the Malicious Domains, IP reported in FSISAC emails
  6. Analysis of New and Dropped Domains reported in Mark Monitor Application. Escalating the Suspicious Domains to Mark Monitor for take down
  7. Daily report out of High scoring Domains published in Open DNS communicating with internal MetLife machines for a possible infection
  8. Run daily queries on Splunk and report out for identify Pan Threat “Domains”, Filenames, Ransomware
  9. Analysis of incidents/reports/dashboards and extracting Bluecoat/Palo Alto logs from Symantec portal
  10. Analyze and report out of the Malicious URL’s published in BCOAT Report post reviewing them on Virus Total, URL Void, OpenDNS, Malware Domainlist, Bluecoat, Google
  11. Excellent Soft skills (Mandatory )
  12. Excellent Communication skills (Mandatory )
  13. Excellent E-mail writing skills (Mandatory )
  14. Excellent inter-personal skills with the ability to coordinate cross functionally

 

Knowledge, Skills and Abilities

 

 

Education
  • IT Graduate
  • Basic IT Infrastructure & Incident Response Knowledge
  • Knowledge of Databases, Networks, Hardware, Firewalls and Encryption

 

Experience
  • Total of 7 years of Experience with atleast 4 years in Incident Response
  • Hands on work experience in Cyber Security Tools like XSOAR or IBM Q-RADAR or Splunk or DLP, etc.
  • Must process problem solving, planning, and analytical skills to drive continuous improvements

 

Knowledge and skills (general and technical)
  • Expertise in networking Security System i.e. Firewall, Dynamic Host Configuration Protocol (DHCP), Secure Sockets Layer (SSL), Content Delivery Network, DNS
  • Thorough knowledge of Service Now applications
  • Experience and knowledge of Incident management practices
  • Prior experience in managing Incident helpdesk / Incident management work is preferable
  • Intermediate MS Office skills

 

 

Other Requirements (licenses, certifications, specialized training – if required)
  • Preferably CISSP Certified

 

Working Relationships

 

Internal Contacts

(and  purpose of relationship):

 
  • All Internal GOSC Stake Holders

 

External Contacts

(and purpose of relationship) – If Applicable

 
  • Stateside Client/ Engineers from different regional Security teams (Such as Country/Regional Head for Monitoring/Containment)

 

MetLife:

 

MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

 

We are ranked #44 on the Fortune 500 list for 2019. In 2019, we were named to the Dow Jones Sustainability Index (DJSI) for the fourth year in a row. DJSI is a global index to track the leading sustainability-driven companies.      

 

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

 

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

Apply now »