Under the direction of the Red Team Lead, the Red Team Analyst will help develop and perform various red team activities and exercises along with periodic penetration tests. The Red Team Analyst will also work with the threat hunting team, help with detection engineering activities and with the implementation of certain Critical Security Controls. The Red Team Analyst will provide subject matter expertise across various areas as it relates to continuously enhancing MetLife’s security posture. This role will also require advanced analytical and communication skills in order to efficiently interact with global stakeholders and provide input to drive effective remediation across the organization.
Perform various red team exercises, network penetration and web application testing, wireless network assessments and social engineering assessments
Familiar with and safely able to use various attacker tools, techniques, and procedures. Assist with scoping prospective engagements, engagements from kickoff through remediation.
Build and coordinate Red Team exercises and initiatives with internal stakeholders from inception to closure. Perform vulnerability assessments using manual and automated techniques (internal and external penetration testing).
Emulate sophisticated attacks through electronic and physical penetration testing, and defensive control evasion.
Develop comprehensive metrics, reports, and presentations on Red Team activities and findings for technical and executive stakeholders. Document Red Team processes, tactics, techniques, and procedures.
Essential Business Experience and Technical Skills:
4+ years of experience with network penetration testing and manipulation of network infrastructure
Web application assessments
Strong knowledge of Unix/Linux/Mac/Windows operating systems, including bash and Powershell
Strong understanding of operating systems (i.e. Windows, Unix, Linux, and Mac), network technologies, and protocols (i.e. DNS, SMTP, SMB, SNMP, SSH, TCP/UDP, TLS, etc.).
Experience with various testing tools such as Metasploit, Nmap, Qualys, Nessus, Burp Suite, Tanium, Wireshark, TCPdump etc. Knowledge of Active Directory. Proficiency with one or more scripting languages such as Python, Ruby, PowerShell, Bash, etc.
Relevant industry certifications such as OSCP, OSCE, GPEN, CISM, CISSP, CISA, Security+, MCSE, GSEC, PMP, LEAN, and Six Sigma are desired.
Shell scripting or automation of simple tasks using Perl, Python, or Ruby
At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.
MetLife: MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.
We are one of the largest institutional investors in the U.S. with $600 billion of total assets under management as of December 31, 2019. We are ranked #44 on the Fortune 500 list for 2019. In 2019, we were named to the Dow Jones Sustainability Index (DJSI) for the fourth year in a row. DJSI is a global index to track the leading sustainability-driven companies.
MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.
We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to firstname.lastname@example.org or call our Employee Relations Department at 1-877-843-3711.
MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.
MetLife maintains a drug-free workplace.
Requisition #: 114666
Internal Number: 114666
At MetLife, we put customers at the absolute center of everything we do. In fact, we believe technology will transform the customer experience and are investing nearly $300 million in new technologies that will help us innovate and develop new products and services to better serve our customers.We're actively seeking world-class talent for the GTO division, building a diverse, global and highly skilled workforce that is passionate about the same things we are — pushing ourselves to learn and grow, to be efficient, to share experiences and knowledge and to collaborate as a global team.