Application Security Analyst

2 days ago

Cary, North Carolina, United States MetLife Full time

Description and Requirements
Role Value Proposition:
MetLife's Global Application Security team's mission is to identify, protect, detect, respond, and recover from threats to business applications in near real-time. This is a hands-on technical role where you will be accountable for the timely delivery of application security compliance testing.
As an Application Security Analyst, you will work directly with application developers and program managers as a trusted advisor ensuring that software development teams, using either Agile or Waterfall methodologies, adopt a security-first or 'secure-by-design' methodology integrated through automation in their SDLC processes. You will ensure software vulnerabilities are detected and correctly remediated by application developers early in the software development lifecycle as part of MetLife's 'secure-by-design' adoption strategy. You will Analyze, support & administer one or more specialized security tools, systems, software, and procedures. Help identify potential gaps and develop technical controls to compensate. You will be responsible for managing a range of business applications, including web applications, mobile applications, and API services. This role has high visibility that supports the business and cybersecurity goals of MetLife's senior leadership with opportunities for growth. Your technical knowledge, analytical thinking, time management skills, business acumen, and consistent operational discipline are your keys to success.
Key Responsibilities:

  • Provide security testing coordination and consultation services in a timely manner to software application development teams and other enterprise stakeholders as required for a portfolio of API services, web, and mobile applications.
  • Drive the discovery, understanding, and remediation of application vulnerabilities that are found using static code analysis, dynamic analysis, open-source software composition analysis tools, and ethical hacking methodologies.
  • Champion and promote a secure-by-design and Agile security culture across MetLife development teams.
  • Enforce compliance with MetLife's application cyber security policies and standards.
  • Continuously increase the effectiveness (i.e., planning, communication, and timely execution) of MetLife's global application security program.

Essential Business Experience and Technical Skills:
Required:

  • Bachelor's degree in computer science, Cyber Security, Information Technology, or related discipline.
  • 2-4 years of combined experience in software development, cyber and data security/ application security testing, and program management.
  • Experience with static code analysis, dynamic analysis, and open-source composition analysis using managed security testing platforms and application ethical hack testing.
  • Proficient in the SANS/CWE Top 25 and the OWASP Top 10 as well as API security testing best practices and remediation.
  • Strong technical communication, analytical, and time management skills to effectively and succinctly, convey vulnerability flaw details and a recommendation for remediation to developers and leadership.

Preferred:

  • Professional certifications such as SANS GWAPT, CEH, OSCP, or a CSSLP certification.
  • Ability to perform secure code reviews. Programming language proficiency in Java, JavaScript, C#, and Python.
  • Experience with white-box/black-box open source and commercial application security testing tools, tactics, techniques, and procedures.
  • Experience with technology innovation (e.g., Cloud, Azure, AI, ML) ethical hacking, security testing automation, and defect tracking.
  • Ability to maintain proficiency in emerging application security threats, especially those targeting the financial services industry. This position requires self-motivation, a strong willingness to learn, and a passion for application security.

At MetLife, we're leading the global transformation of an industry we've long defined. United in purpose, diverse in perspective, we're dedicated to making a difference in the lives of our customers.
Benefits We Offer
Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more
About MetLife
Recognized on Fortune magazine's list of the 2023 "World's Most Admired Companies" as well as the 2023 Fortune 100 Best Companies to Work For , MetLife , through its subsidiaries and affiliates, is one of the world's leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.
Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we're inspired to transform the next century in financial services. At MetLife, it's #AllTogetherPossible . Join us
Equal Employment Opportunity/Disability/Veterans
If you need an accommodation due to a disability, please email us at This information will be held in confidence and used only to determine an appropriate accommodation for the application process.
MetLife maintains a drug-free workplace.
#BI-Hybrid

  • IT Security Analyst

    2 weeks ago

    Cary, North Carolina, United States MetLife Full time

    Role Value Proposition:The IT Security Analyst will play a key role in managing and optimizing MetLife's enterprise workforce identity access technology. This position will work with technologies such as Azure Entra ID and classic Active Directory. The successful candidate will have the opportunity to engage in hands-on solutioning, deployment, and...

  • Sr. Application Security Specialist

    4 weeks ago

    Cary, North Carolina, United States MetLife Full time

    Description and Requirements Role Value Proposition: This role serves as a key member of the Application Protection team. The candidate will be part of a team that maintains responsibility for life cycle management of application Distributed Denial of Service (DDoS), Bot Mitigation, and Web Application Firewall (WAF) application defense capabilities. Life...

  • Sr. Application Security Specialist

    1 month ago

    Cary, North Carolina, United States MetLife Full time

    Description and Requirements Role Value Proposition: This role serves as a key member of the Application Protection team. The candidate will be part of a team that maintains responsibility for life cycle management of application Distributed Denial of Service (DDoS), Bot Mitigation, and Web Application Firewall (WAF) application defense capabilities. Life...

  • Enterprise Application Security Architect

    4 weeks ago

    Cary, North Carolina, United States MetLife Full time

    Description and Requirements Role Value Proposition: MetLife is a leader in providing insurance and protection products to customers around the globe. MetLife has undertaken a digital transformation journey to deliver innovative and industry-leading digital solutions, employing cutting-edge cloud and engineering technologies, and agile development practices....

  • Enterprise Application Security Architect

    1 month ago

    Cary, North Carolina, United States MetLife Full time

    Description and Requirements Role Value Proposition: MetLife is a leader in providing insurance and protection products to customers around the globe. MetLife has undertaken a digital transformation journey to deliver innovative and industry-leading digital solutions, employing cutting-edge cloud and engineering technologies, and agile development practices....

  • Senior Application Security Engineer

    2 weeks ago

    Cary, North Carolina, United States Elevance Health Full time

    Senior Application Security EngineerLocation: This position will work a hybrid model (remote and office). The Ideal candidate will live within 50 miles of one of our Elevance Health PulsePoint locations.Preferred Location: Cary, NC.The Senior Application Security Engineer is responsible for delivery of end to end application, system development and...

  • Cyber Security Analyst

    4 weeks ago

    Cary, North Carolina, United States MetLife Full time

    Description and Requirements Role Value Proposition: MetLife has an exciting opportunity for an experienced risk & security professional to join our Global Security Risk Management team, within the Office of Global Security. This role will be responsible for managing application and IT security service assessments to assess cybersecurity and technology risks...

  • Cyber Security Analyst

    1 month ago

    Cary, North Carolina, United States MetLife Full time

    Description and Requirements Role Value Proposition: MetLife has an exciting opportunity for an experienced risk & security professional to join our Global Security Risk Management team, within the Office of Global Security. This role will be responsible for managing application and IT security service assessments to assess cybersecurity and technology risks...

  • Cyber Security Analyst

    2 weeks ago

    Cary, North Carolina, United States MetLife Full time

    Description and Requirements Role Value Proposition: MetLife has an exciting opportunity for an experienced risk & security professional to join our Global Security Risk Management team, within the Office of Global Security. This role will be responsible for managing application and IT security service assessments to assess cybersecurity and technology risks...

  • Cybersecurity Operations Analyst

    1 month ago

    Cary, North Carolina, United States American Tower Corporation Full time

    The TeamWe are seeking a Cybersecurity Operations Analyst to join American Tower's corporate Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. The ideal candidate will possess strong tactical and analytical abilities, along with a deep understanding of...

  • Cybersecurity Operations Analyst

    4 weeks ago

    Cary, North Carolina, United States American Tower Corporation Full time

    The TeamWe are seeking a Cybersecurity Operations Analyst to join American Tower's corporate Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. The ideal candidate will possess strong tactical and analytical abilities, along with a deep understanding of...

  • Director Security Operations Center

    3 weeks ago

    Cary, North Carolina, United States MetLife Full time

    Description and RequirementsMetLife operates a global MetLife Security Operations Center (MSOC) in the Cary, NC area. The MSOC is a state-of-the-art, 24x7x365 facility enabled to handle security needs and response for MetLife globally. The MSOC is pivotal in maintaining 24x7x365 vigilance, orchestrating responses, and ensuring the safety and security of our...

  • Director, Enterprise Applications

    2 weeks ago

    Cary, North Carolina, United States Epic Games Full time

    ITWhat We DoCreate and maintain a proactive and stable IT environment as well as provide IT support to our Epic people. You will be empowered to shape processes that deliver optimized IT service across our business. Work with emerging technologies while enabling IT success for everyone.What You'll DoThe Director of Enterprise Applications will define,...

  • Director Security Operations Center

    2 weeks ago

    Cary, North Carolina, United States MetLife Services and Solutions, LLC Full time

    and Requirements MetLife operates a global MetLife Security Operations Center (MSOC) in the Cary, NC area. The MSOC is a state-of-the-art, 24x7x365 facility enabled to handle security needs and response for MetLife globally.The MSOC is pivotal in maintaining 24x7x365 vigilance, orchestrating responses, and ensuring the safety and security of our operations...

  • Data Analyst

    2 weeks ago

    Cary, North Carolina, United States Epic Games Full time

    WHAT MAKES US EPIC? At the core of Epic's success are talented, passionate people. Epic prides itself on creating a collaborative, welcoming, and creative environment. Whether it's building award-winning games or crafting engine technology that enables others to make visually stunning interactive experiences, we're always innovating. Being Epic means being a...

  • Senior Cyber Threat Intelligence Analyst

    4 weeks ago

    Cary, North Carolina, United States MetLife Full time

    Description and RequirementsJob Location: Hybrid - M-T-TH - Cary NC The Team You Will Join The Cyber Threat Intelligence team is part of the Global Security organization. Its primary responsibilities include collecting, analyzing, and sharing threat data to stay up-to-date with potential security threats. The Opportunity The Senior Cyber Threat...

  • Senior Cyber Threat Intelligence Analyst

    1 month ago

    Cary, North Carolina, United States MetLife Full time

    Description and RequirementsJob Location: Hybrid - M-T-TH - Cary NC The Team You Will Join The Cyber Threat Intelligence team is part of the Global Security organization. Its primary responsibilities include collecting, analyzing, and sharing threat data to stay up-to-date with potential security threats. The Opportunity The Senior Cyber Threat...

  • Senior Data Analyst

    1 month ago

    Cary, North Carolina, United States Epic Games Full time

    WHAT MAKES US EPIC?At the core of Epic's success are talented, passionate people. Epic prides itself on creating a collaborative, welcoming, and creative environment. Whether it's building award-winning games or crafting engine technology that enables others to make visually stunning interactive experiences, we're always innovating.Being Epic means being a...

  • Senior Data Analyst

    4 weeks ago

    Cary, North Carolina, United States Epic Games Full time

    WHAT MAKES US EPIC?At the core of Epic's success are talented, passionate people. Epic prides itself on creating a collaborative, welcoming, and creative environment. Whether it's building award-winning games or crafting engine technology that enables others to make visually stunning interactive experiences, we're always innovating.Being Epic means being a...

  • Director, Enterprise Applications

    2 weeks ago

    Cary, North Carolina, United States Epic Games Full time

    At the core of Epic's success are talented, passionate people. Epic prides itself on creating a collaborative, welcoming, and creative environment. Whether it's building award-winning games or crafting engine technology that enables others to make visually stunning interactive experiences, we're always innovating.Being Epic means being a part of a team that...