Share this Job

Senior IT Security Service Analyst

Date Posted: Sep 13, 2021

Location: Noida, IN, 0

Company: MetLife

 

Position Summary

 

 

  • Information Technology Risk assessment & Findings management and reporting
  • Intake of Vendor Assessment and Application Vulnerability Testing requests from countries.
  • Tracking of Vendor Assessment and Application Vulnerability Testing requests from countries
  • Metrics generation for regional IT and Risk committee update
  • Aid in developing and implementing information systems development plans, policies and procedures
  • Provide advice on a wide range of information systems security issues
  • Communicate with regional and global stakeholders to identify and document requirements
  • Provide advice on information systems strategy, policy, management, security and service delivery.
  • Audit issue Tracking, Coordination and Management
  • IT Risk and Security tasks regular follow up with countries
  • Creating and approving IT Risk Findings for Asia region
  • Keeping Track of in-flight Application Security Assessments (Take inputs from Other GOSC Teams)
  • Coordinating within Asia and other regions for information collection and broadcasting on behalf of global team.

 

 

Job Responsibilities

 

 

Vendor Assessment

    • Assist in the reporting of vendor risk management activities
    • Develop and maintain standard operating procedures (SOPs)
    • Be an ambassador for the team to assist with the ongoing integration of the GRC with other business units
    • Act as a subject matter expert to assist the business in identifying and mitigating risks on their vendor relationships
    • Provide analysis and recommendations for identified security exceptions; participate in defining remediation efforts
    • Ensure all vendor relationships are documented in the Archer system and all contracts related to vendors that provide outsourced services are uploaded in the system

 

 

 

Application Security

  • Perform the Internal application assessment on Archer tool to get CIA value
  • Coordinate with application owner, developer to close the internal findings.
  • Create a profile of all Internet facing applications on Veracode & Primeon
  • Handover the application to third party (Veracode & Primeon) for VA & PT
  • Coordinate with Third party vendors and application owner & developer to meet requirements of assessment and provide governess until the application is in production use
  • Analyze and report out of the Malicious URL’s published in BCOAT Report post reviewing them on Virus Total, URL Void, OpenDNS, Malware Domain list, Bluecoat, Google 
  • Excellent Soft skills (Mandatory)
  • Excellent Communication skills (Mandatory)
  • Excellent E-mail writing skills (Mandatory)
  • Excellent inter-personal skills with the ability to coordinate cross functionally Knowledge, Skills and Abilities Education
  • Exposure to self-identified questionnaire for pipelined Audits by mapping with Control Standards & Controls procedures

Knowledge, Skills and Abilities

 

 

Education

  • BTech/BE
  • CISA Certified

 

Experience

  • Basic IT Infrastructure & Incident Response Knowledge
  • Knowledge of Databases, Networks, Hardware, Firewalls and Encryption Experience
  • Total of 8 years of Experience with at least 6 years in Incident Response, Fraud Monitoring & Threat Hunting
  • IT Risk & Security Audit & Compliance background

 

Knowledge and skills (general and technical)

  • Expertise in networking Security System i.e. Firewall, Dynamic Host Configuration Protocol (DHCP), Secure Sockets Layer (SSL), Content Delivery Network, DNS
  • Thorough knowledge of GRC tools(Archer)
  • Experience and knowledge of Findings management practices
  • Exposure to enterprise share-point
  • Intermediate MS Office skills

 

Other Requirements (licenses, certifications, specialized training – if required)

  • Must process problem solving, planning, and analytical skills to drive continuous improvements

 

 

MetLife:

 

MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

 

We are ranked #44 on the Fortune 500 list for 2019. In 2019, we were named to the Dow Jones Sustainability Index (DJSI) for the fourth year in a row. DJSI is a global index to track the leading sustainability-driven companies.      

 

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

 

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.