Infrastructure Vulnerability Assessment Consultant
Company MetLife
Location Cary, NC
Preferred GIAC Certifications GISF, GSEC, GCED, GPEN, GXPN, GCIH, GPYC, GCLD, GCPN, or other GIAC
Travel 0%
Salary Not provided
Contact Name Anonymous
Contact Email allyson.kiefer/at/
Expires 2024-07-10

Job Description

Role Value Proposition:
The Infrastructure Vulnerability Assessment Consultant will provide subject matter expertise as it relates to vulnerability analysis and the enhancement of security monitoring capabilities. The Consultant will continuously analyze, assess, prioritize, and recommend risk reduction strategies for vulnerabilities discovered by internal and perimeter security tools. The Consultant will be a key contributor in security tool deployment, maintenance, process automation development, and forbidden software monitoring. This role will require advanced analytical and communication skills to efficiently interact with global stakeholders and leadership teams to drive effective risk reduction across the organization.

Key Responsibilities:
• Analyze various threat and vulnerability feeds, security tools, and intelligence sources to assess the security risk for the organization and prioritize remediation efforts for greatest impact
• Run various assessment tools to obtain insight on security posture and create reports for management and global IT stakeholders
• Liaise with the Threat Research Team to obtain and complement valuable insight on emerging vulnerabilities
• Provide vulnerability risk reduction consultation to global teams to support enterprise remediation efforts
• Lead ongoing system administration responsibilities for core Vulnerability Management systems

Essential Business Experience and Technical Skills:
• Candidate must have 5+ years of combined IT and Cyber Security related work experience
• Familiarity with various infrastructure assessment tools
• Proficiency in automation development for analysis, reporting, security tool administration, and process enhancement (e.g. Python, PowerShell, and REST API)
• Strong understanding of key security controls, technologies (e.g. Operating Systems, Networking, Firewalls, SIEM, Security Analytics, SOAR), business processes, internal control risk management, IT controls and related standards, and Scaled Agile Framework
• Possess strong written and verbal communication skills and be able to document and explain technical details clearly and concisely

• Bachelor’s degree in computer science, information systems or related field, or equivalent work experience
• Familiar with security tools and system deployment technologies such as NMAP, CHEF, and SCCM
• Familiar with the CIS critical security controls and vulnerability management best practices
• Relevant industry certifications such as GIAC, CISSP, CISM, CCNA, Security+, PMP, SAFe, LEAN and Six Sigma are desired
• Experience working in high-performance teams