Sr. Security Analyst -Third Party Incident Response Overview:

This role will be responsible for supporting the Cyber Incident response program. This role is crucial to protecting our organization from potential threats introduced though our vendor ecosystem.

Key Responsibilities:

• Act as a primary point of contact for Third Party related security incidents and coordinate with internal and external stakeholders during security incidents to ensure timely and effective response.

• Lead efforts to contain and mitigate the impact of incidents involving Third Parties.

• Conduct thorough post-incident reviews to determine the root cause and prevent recurrence.

• Document and share lessons learned and update incident response plans and procedures based on findings.

• Assess existing detection and response capabilities and provide recommendations for improvements.

• Report on incident details, impacts, and remediation efforts to senior management and stakeholders.

• Communicate security expectations and requirements to Third Party vendors clearly and effectively.

• Oversight of resources in Center of Excellence (CoE) supporting the program.

Qualifications:

Required:

• Minimum 2-3 years' experience in Third Party Cyber Risk Management or related work.

• Strong knowledge of global security and privacy breach laws and regulatory reporting.

• Technical expertise in information security, including familiarity with penetration and intrusion techniques and attack vectors.

• Excellent analytical, problem-solving, and decision-making skills.

• Strong communication and interpersonal skills.

• Detail oriented with the ability to manage multiple tasks and prioritize effectively.

• Experience implementing policies, procedures, and technology to detect and recover from a cybersecurity attack.

Preferred:

• Bachelor’s degree in cyber security, Information Technology, Computer Science, or a related field.

• Relevant information security certifications (e.g., CISSP, CISM, CEH, CRISC, CISA, OSCP, GPen) highly preferred.

• Experience implementing policies, procedures, and technology to detect and recover from a cybersecurity attack.

Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.