Job was saved successfully.
Job was removed from Saved Jobs.

Job Details


Senior IT Risk & Security Consultant

Business and Financial Operations


Full Time

On Site


Cary, North Carolina, United States

Position: Senior IT Risk & Security Consultant

Job Location: United States : North Carolina : Cary

Work Arrangement: Hybrid – 3 days in office/2 days remote.

Key Responsibilities: Perform web and mobile application ethical hacking, threat assessments, and Web Services penetration testing (RESTful and SOAP) using automated and manual techniques. Implement application/website inventory controls to support continuous monitoring of attack surface. Identify threats, prioritize remediation and report potential risks to organization, applying principles of adversary tactics and TTP. Assess critical cybersecurity incidents and review detective/preventive controls across each stage of the Cyber Kill Chain. Develop internal knowledge base, threat metrics, and remediation progress tracking and MITRE ATT&CK patterns. Support company’s global application security program, initiatives and activities, focusing on discovering, documenting, assessing and reporting Cyber Security threats to organization.

Essential Business Experience and Technical Skills: Bachelor's degree in Computer Science, Management Information Systems or Information Technology (willing to accept foreign education equivalent) plus ten (10) years of experience working as an ethical hacker, attack surface monitoring - Cyberpion or cyber threat analyst/hunter. Specific skills/other requirements (quantitative experience requirement not applicable to this section) -- must possess the following experience: Assessing cyber security threats, threat actors, trends in adversary activities, attack vectors, emerging industry risks and effective application/website security counter measures; emulating adversary TTPs to validate security controls efficacy and continuous threat monitoring of global attack surface; performing security assessments using security standards OWASP, SANS, HIPPA, PCI DSS and GDPR; and creating test strategies across web and mobile applications to uncover attack vectors not detected by vulnerability scanners.

Assignment category:

Full time

Requisition #:


Business Category:

Application Security – 31957

Number of openings:


Recruiter Information:

Nicole Kirsch

Hiring Manager:

Brett Venson

“At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.”



MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

We are one of the largest institutional investors in the U.S. with $642.4 billion of total assets under management as of March 31, 2021. We are ranked #46 on the Fortune 500 list for 2021. In 2020, we were named to the Dow Jones Sustainability Index (DJSI) for the fifth year in a row. DJSI is a global index to track the leading sustainability-driven companies. We are proud to have been named to Fortune magazine’s 2021 list of the “World’s Most Admired Companies.”

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. For further information about how to request a reasonable accommodation, please click on the Disability Accommodations link below.

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.