Share this Job

Team Leader - Technology Services

Apply now »

Date Posted: Aug 2, 2022

Location(s): Noida, IN, 0

Company: MetLife

Team Leader - Technology Services

Position Summary

This role will specialize on vulnerability management, leveraging technologies, techniques, and methods as they pertain to the development of and execution of information risk controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems. Our goal is to strengthen the Network Security for MetLife and prevent Cyber Attacks globally by avoiding exploitable and Non-compliant assets and Network Devices.

 

Vulnerability management and remediation analyst is responsible to detect weaknesses in networks and software and then takes measures to correct and strengthen security within the system.

 

Vulnerability Management – Monitor and Remediate External/Internal/Third party Threats and Vulnerabilities and mitigate them. Ensure MetLife’s Security posture is well contained and is not exposed/breached to any possible hacker.

 

Cloud Governance – Putting together an accountable framework for sustenance of Cloud services in MetLife and evaluating cloud environment Risk Tolerance with ability to define, plan, track cloud service objectives to closure in alignment of business and IT stakeholders requirements.

 

JAVA and Adobe -  Track Global status on outdated browsers and non-supported product versions leading to non-compliant usage on Workstation/Servers/VDI’s. Also plan stringent Remediation/Upgrade plan. Understand business requirement and outages or any leakage on customer detriment with any cost estimates for upgrades.

 

Third Party Audit Governance – Ability to prepare third party vendor audit management action plan, document implementation controls, publish periodic governance reports and track the gaps to closure.

 

Active Directory – Handling day-to-day administration duties including Data management, Domain controller specialization, data authentication on networks, improvisation on data availability for global users.

 

Application Security - Identify Critical flaws in applications and systems that cyber attackers could exploit. Prepare high level dashboard after conducting research and verifying actual vulnerabilities with mitigation plans.

 

Reporting Requirements – Supervisor is required to ensure all projects assignments or any additional work and client requirement is maintained and tracked via by Microsoft excel, projects, visio, power point, Power BI, etc.  Data representation with Stakeholder is critical to conduct periodic client reviews

 

Stakeholder Engagement – Conduct periodic Client calls and stakeholder reviews via Microsoft office reporting and Power BI dashboards to share daily/weekly progress and status on projects managed. Document client expectations and follow up on actions required.

 

 

Job Responsibilities

  1. Infrastructure remediation services – External and Internal vulnerabilities, TLS, JAVA, Adobe and Microsoft patching
  1. Monitor all Network Factors globally contributing to overall organization’s Cyber Health
  2. Remediate key vulnerabilities in external and internal risk areas to catch up and reduce overall Kenna score
  3. Drive tracking and removing or upgrading key Java, Adobe, and Windows products to eliminate risk from out of date versions
  1. Able to run Configuration files and updates for Java Programs including development, interface updates and Java Scripting
  2. Work on Linux server configurations, VB Scripts, Red Hat deployment, cloud middleware and applications developments to ensure timely security updates
  3. Identify vulnerabilities and work cross-functionally to implement counter measures.
  4. Managing the end-to-end vulnerability lifecycle from discovery to closure.
  5. Global tools remediation (Windows, Firewall, PC encryption, AV)
  6. Prepare daily/weekly dashboards with assignments progress for client review
  7. Monitor team’s progress on all requirements and ensure client expectations are exceeded
  8. Conduct periodic call, should be able to engage the team and discuss projects progress with stakeholders
  9. Monitor for new vulnerabilities reported by Internal and external Scanners.
  10. Coordinate and track remediation of vulnerabilities.
  11. To manage the support function in a multi-stakeholder environment, ensuring all stakeholders are informed, involved and appropriately supportive of initiatives and projects
  12. Develop scorecards and remediation prioritization / plans (PC Vs Server)
  13. Ensuring overall adherence to policy standards, overseeing the Security Awareness program, KPI monitoring, and assisting in external and internal audits.
  14. Assesses and manages the adequacy of the risk remediation plans of known information security vulnerabilities by involving engineering and operations teams
  15. Monitors and analyzes Security Information and Event Management SIEM to identify security issues for remediation
  16. Firewall Log denials and VPN recertifications
  17. Others – as we transition the work

Knowledge, Skills and Abilities

 

Education

  • Bachelor’s Degree in Computer Science, Information Systems, or related field.

Experience

  • 4+ years of overall experience with fair knowledge on various IT Infrastructure domains
  • 2+ of experience in Vulnerability Management Operations, Qualys, Kenna, SNOW
  • Knowledge of Deployment services, Windows patching, server updates and network configuration

Knowledge and skills (general and technical)

  • Collaborative tracking of gap closure and remediation plans with internal and external contacts/suppliers
  • Facilitation of the vulnerability management plan for shared processing environments, including response to quantified risks, which may involve acceptance, transfer, reduction or elimination.
  • Monitor status of risks, and reports status and need for action to senior management
  • Fair knowledge on IP, Firewalls, Datacommunication (routing/switching) etc.
  • General Background in information Security, strong understanding of network level Vulnerabilities.
  • Knowledge of JIRA, ServiceNow, Kenna, Qualys, CMS, NMAP, OpenSSL and similar tools, Linux, security tools in Kali Linux is bonus
  • Knowledgeable network security monitoring tools using SIEM or IDS/IPS technologies (ArcSignt, Splunk, Sourcefire, Fireeye, Snort, etc.)
  • Excellent communication skills

Other Requirements (licenses, certifications, specialized training – if required)

IT and/or Security Certification Preferred, ITIL, PMP, CEH, ISO 2700, CISSP, SANS, GSEC, CISA, CCNA etc.

Working Relationships

Internal Contacts

(and purpose of relationship):

 

  • MetLife internal partners

External Contacts

(and purpose of relationship) – If Applicable

 

  • MetLife external partners  

 

MetLife:

 

MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

 

We are ranked #44 on the Fortune 500 list for 2019. In 2019, we were named to the Dow Jones Sustainability Index (DJSI) for the fourth year in a row. DJSI is a global index to track the leading sustainability-driven companies.      

 

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

 

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.