46 applicants
MetLife · 2 days ago
Application Security Analyst
Cary, NC
Full-time
Hybrid
Mid Level
2+ years exp
Wonder how qualified you are to the job?
Maximize your interview chancesAsset ManagementFinancial Services
Insider Connection @MetLife
Responsibilities
Provide security testing coordination and consultation services in a timely manner to software application development teams and other enterprise stakeholders as required for a portfolio of API services, web, and mobile applications.
Drive the discovery, understanding, and remediation of application vulnerabilities that are found using static code analysis, dynamic analysis, open-source software composition analysis tools, and ethical hacking methodologies.
Champion and promote a secure-by-design and Agile security culture across MetLife development teams.
Enforce compliance with MetLife's application cyber security policies and standards.
Continuously increase the effectiveness (i.e., planning, communication, and timely execution) of MetLife's global application security program.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Bachelor’s degree in computer science, Cyber Security, Information Technology, or related discipline.
2-4 years of combined experience in software development, cyber and data security/application security testing, and program management.
Experience with static code analysis, dynamic analysis, and open-source composition analysis using managed security testing platforms and application ethical hack testing.
Proficient in the SANS/CWE Top 25 and the OWASP Top 10 as well as API security testing best practices and remediation.
Strong technical communication, analytical, and time management skills to effectively and succinctly convey vulnerability flaw details and a recommendation for remediation to developers and leadership.
Preferred
Professional certifications such as SANS GWAPT, CEH, OSCP, or a CSSLP certification.
Ability to perform secure code reviews. Programming language proficiency in Java, JavaScript, C#, and Python.
Experience with white-box/black-box open source and commercial application security testing tools, tactics, techniques, and procedures.
Experience with technology innovation (e.g., Cloud, Azure, AI, ML), ethical hacking, security testing automation, and defect tracking.
Ability to maintain proficiency in emerging application security threats, especially those targeting the financial services industry. This position requires self-motivation, a strong willingness to learn, and a passion for application security.
Benefits
Medical/prescription drug and vision insurance
Dental insurance
Short- and long-term disability
Company-paid life insurance
Legal services
Retirement pension
401(k) with employer matching
Group discounts on voluntary insurance products
Employee Assistance Program (EAP)
Digital mental health programs
Parental leave
Volunteer time off
Tuition assistance
Company
MetLife
MetLife is a provider of insurance, employee benefits, and financial services .
10,001+ employees
H1B Sponsorship
MetLife has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2023 (61)
2022 (165)
2021 (96)
2020 (78)
Funding
Current Stage
Public CompanyTotal Funding
unknown2000-04-28IPO· fra:MWZ
Leadership Team
Michel A. Khalaf
President and CEO, and Executive Leadership Team Member
Koley Corte
Senior Vice President and Chief Marketing Officer, Corporate and Institutional
Recent News
Minneapolis / St. Paul Business Journal
2024-06-04
2024-06-01
bloomberglaw.com
2024-05-27
Company data provided by crunchbase
