Sr. Security Analyst -Third Party Incident Response Overview:This role will be responsible for supporting the Cyber Incident response program. This role is crucial to protecting our organization from potential threats introduced though our vendor ecosystem. Key Responsibilities:
Act as a primary point of contact for Third Party related security incidents and coordinate with internal and external stakeholders during security incidents to ensure timely and effective response.
Lead efforts to contain and mitigate the impact of incidents involving Third Parties.
Conduct thorough post-incident reviews to determine the root cause and prevent recurrence.
Document and share lessons learned and update incident response plans and procedures based on findings.
Assess existing detection and response capabilities and provide recommendations for improvements.
Report on incident details, impacts, and remediation efforts to senior management and stakeholders.
Communicate security expectations and requirements to Third Party vendors clearly and effectively.
Oversight of resources in Center of Excellence (CoE) supporting the program.
Qualifications:Required:
Minimum 2-3 years' experience in Third Party Cyber Risk Management or related work.
Strong knowledge of global security and privacy breach laws and regulatory reporting.
Technical expertise in information security, including familiarity with penetration and intrusion techniques and attack vectors.
Excellent analytical, problem-solving, and decision-making skills.
Strong communication and interpersonal skills.
Detail oriented with the ability to manage multiple tasks and prioritize effectively.
Experience implementing policies, procedures, and technology to detect and recover from a cybersecurity attack.
Preferred:
Bachelor’s degree in cyber security, Information Technology, Computer Science, or a related field.
Relevant information security certifications (e.g., CISSP, CISM, CEH, CRISC, CISA, OSCP, GPen) highly preferred.
Experience implementing policies, procedures, and technology to detect and recover from a cybersecurity attack.
Equal Employment Opportunity/Disability/VeteransIf you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.MetLife maintains a drug-free workplace.