MetLife Jobs

Red Team Analyst

City/Cities

Cary

State(s)

North Carolina

Country

United States

Working Schedule

Full-Time

Work Arrangement

Hybrid

Posted Date

04-Mar-2024

Job ID

1525

Description and Requirements

*Role Value Proposition: *

Under the direction of the Red Team Lead, the Red Team Analyst will help develop and perform various Red Team activities and exercises along with a series of periodic penetration tests. The Red Team Analyst will provide subject matter expertise across multiple areas related to continuously enhancing MetLife's security posture. This role will also require advanced analytical and communication skills in order to efficiently interact with global stakeholders and provide input to drive effective remediation across the organization.

Key Responsibilities:

• Perform network penetration and web application testing, social engineering assessments, and red team assessments.

• Familiar with and safely able to use various attacker tools, techniques, and procedures.

• Assist with scoping prospective engagements, engagements from kickoff through remediation.

• Build and coordinate Red Team exercises and initiatives with internal stakeholders from inception to closure. Perform the assessments using manual and automated techniques.

• Simulate sophisticated attacks based on their TTPs mapped to the MITRE ATT&CK

• Simulate sophisticated attacks through social engineering, electronic and physical testing, and defensive control evasion.

• Develop comprehensive reports, and presentations on Red Team activities and findings for technical and executive stakeholders.

• Document Red Team processes, tactics, techniques, and procedures.

Qualifications

Required Qualification:

• Bachelor's degree in computer science, information systems or related field, or equivalent work experience.

• At least 2+ years of Red Team experience.

• At least 4+ years of experience in the penetration testing area, including:

• Strong experience in Network, web application, and infrastructure penetration testing

• Proficiency with one or more scripting languages such as Python, PowerShell, and Bash to automate simple tasks.

• Experience modifying exploits and using exploit tools.

• Strong knowledge of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell.

• Knowledge about red teaming methodologies and tools.

• Knowledge of security controls, including access, intrusion detection/prevention systems (IPS/IDS), security information and event management (SIEM) systems, patch management systems, etc.

• Experience with testing tools like Cobalt Strike, Metasploit, Nmap, Burp Suite, Wireshark, etc.

• Knowledge of Active Directory attack paths

• Email social-engineering assessments.

• Strong understanding of operating systems network technologies, and protocols.

• Excellent written and verbal communication skills.

• Experience documenting high-quality reports.

• Experience working in complex, diverse, and global (international) environments.

• Relevant offensive certifications such as OSCP, OSEP, OSCE, GXPN, and GRTP.

Preferred Qualifications:

• Purple Team experience.

• Experience using BAS tools.

Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!

About MetLife

Recognized on Fortune magazine's list of the 2023 "World's Most Admired Companies" as well as the 2023 Fortune 100 Best Companies to Work For ®, MetLife , through its subsidiaries and affiliates, is one of the world’s leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.

Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we’re inspired to transform the next century in financial services. At MetLife, it’s#AllTogetherPossible (https://www.metlifecareers.com/ml/GreatPlaceToWork) . Join us!

Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.