Assistant Manager-Technology Services

Description and Requirements
Position Summary
As an experienced Cyber Security professional, candidate will establish, maintain and continually refine baseline standards that protect our organization and customers. Candiate will take proactive lead on incident response, risk reviews, vulnerability assessments, identifying threats and provide hands-on solutions using best practices, new policies, and emerging trends. The position requires experience with CyberSecurity related tools, full-stack hand-on programming abilities, deep knowledge of data structures and fundamental algorithms, data analytics and ability to analyze, design and develop new solutions and approaches quickly. Ability to evangelize, envision new proof of concepts, implementation, integration and coordination as well as familiarity with SCRUM are considered plus.

• Assess the capacity of the existing collectors, build new collectors and load balancing to expand the logging capacity.
• Manage SIEM data source onboarding using DevOps and Agile approaches.
• Collaborate with operational teams for logging agent deployment and maintain the wrapper scripts.
• Troubleshoot data source connection issues and parse event logs.
• Monitor system performance, the health of data sources and collectors to ensure continuous logging of the data sources.
• Implement SIEM rules for security detection and regulatory compliance.
• Create reports and provide actionable metrics to management.
• Provide audit support for the SIEM platforms.

Knowledge, Skills and Abilities
Education

• Bachelor's degree in computer science, information systems or related field.

Experience

• 12+ years of total experience with 8+ years of related experience in Cyber Security, Incident Response, Information Security and/or Information Technology.
• 6+ Experience in Security Information and Event Management (SIEM).
• Experience in Security Orchestration, Automation, and Response (SOAR) solutions, and endpoint security solutions.
• Strong communication skills, both written and verbal.

Knowledge and skills (general and technical)

• Strong Python/ PowerShell/ C#, .NET / API development experience.
• Advanced troubleshooting skills (eg: wireshark, host forensics, log analysis and debugging).
• Strong understanding of general incident response methodologies, threats and vulnerabilities, cyber security practices, and security tool architectural and engineering principles.
• Understanding of national and international laws, regulations, policies and ethics related to cybersecurity.
• Experience in designing and developing automation playbooks to streamline security operations processes.
• Proficiency in designing and developing custom automations and third-party tool integrations with SOAR platforms(preferably Palo Alto XSOAR).
• Maintaining and enhancing SOAR platform infrastructure, including setup, configuration, upgrades etc.
• Solid understanding of Agile methodologies and their practical application in security and technology service environments.
• Strong Proficiency in Python for scripting and automation.

About MetLife
Recognized on Fortune magazine's list of the 2025 "World's Most Admired Companies" and Fortune World's 25 Best Workplaces™ for 2024, MetLife , through its subsidiaries and affiliates, is one of the world's leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.
Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we're inspired to transform the next century in financial services.
At MetLife, it's #AllTogetherPossible . Join us!
#BI-Hybrid