Job Title: Director, Information Security EMEA
Job Location: Galway/Dublin Ireland
Metlife, Inc (“Metlife”) has helped generations of people around the world protect their families and finances. We are one of the world’s leading financial services companies, providing insurance, annuities, employee benefits, and asset management to our individual and institutional customers.
Role Value Proposition:
The EMEA Application Security team Lead will integrate the MetLife EMEA Information Security team and be responsible for the oversight and execution of the EMEA Application Security program at a regional level including but not limited to, plan activities and drive the program forward in accordance with global AppSec policy, ensuring alignment with business requirements and strategy, manage resources to ensure timely identification, and resolution of application security flaws and ensure appropriate support is provided as required within the region in close collaboration with both local and central teams at MetLife. A successful candidate must have strong background on application development and/or application security, as well as proved experience leading technical teams and must be capable of building strong internal and external partnerships that drive the program towards continuous improvement and alignment with the latest best practices.
Key Responsibilities:
1. Driving the execution of the EMEA Information Security program in region through work approaches that includes:
1. Developing processes and support other teams as subject matter expert
2. Collaborating closely with the wider MetLife organization to deliver on MetLife’s Global program
3. Support team members through training, governance and/or hands-on with execution of the program as required
4. Adhere to the annual InfoSec program goals and objectives
5. Manage the EMEA Application Security team and provide regular updates to the Head of Information Security in Region
2. Provide support to local technology and businesses, including:
1. Technology & Business Projects, ensuring adherence to Application Security best practices in alignment with MetLife and Regulatory policies and requirements
2. Partner with infrastructure, engineering, application development, and maintenance teams to identify and drive resolution of on-prem and Cloud security vulnerabilities and issues.
3. Coordinate the cybersecurity team and program in region, including:
1. Plan reviews and test in scope applications and drive remediation of identified security code flaws and vulnerabilities.
2. Assess risks presented by the different flaws and vulnerabilities and recommend course of action and prioritization as appropriate.
3. Maintain awareness of emerging threats, especially those targeting the financial services industry. This position requires self-motivation, a strong willingness to learn, and passion for the information security field.
4. Perform proactive engagement (Threat Modeling) in order to identify potential threats to the environment, applications and its customers.
5. Stays abreast of existing and developing threats against MetLife and our industry.
6. Partner with global working teams, gather the security requirements and recommend security products, services and/or procedures to enhance productivity and effectiveness.
7. Partner with other teams and vendors on the suite of tools the Application Security team uses to scan and test application for flaws and vulnerabilities to properly identify risky situations.
8. Keep up to date and learn new technologies/Cloud Platforms and ability to understand how security controls are implemented in the Cloud
9. Evaluate new applications architecture designs, and make recommendations
10. Coordinate tracking and execution of lessons learned with the broader application development teams in region.
11. Document Application security residual risks and drive resolution to closure.
12. Assist in development and execution of Application Security strategy and long-range planning and ensure team is tracking towards strategic goals
13. Develop meaningful Application Security KPIs and metrics
14. Respond to internal and external audit, customer, and regulator data requests
Essential Business Experience and Technical Skills:
* Bachelor’s degree in computer science, information systems or related field, or equivalent work experience.
* Candidate must have 10+ years of combined IT experience with proven track record in security
* Proven experience in managing and coordinating small high-performing teams
* Ability to plan and coordinate multiple security initiatives in an organized and prioritized manner
* Ability to consider cross-functional perspectives and drive common ground solutions
* Demonstrates natural learning agility and personal flexibility in a fast-paced, change-oriented environment
* Excellent analytical, interpersonal, communication, presentation, influencing and leadership skills will be essential
* Industry accepted Certification on IT Risk, Cyber Security, Cloud Security or similar is preferred – e.g. CISSO, Security+, GSEC, CEH, etc.
* Good English language skills both oral as well as written; Additional languages knowledge preferred.
Travel
5%
Business Category
GTO – Information Security Organization
Number of Openings
1
At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of
#J-18808-Ljbffr