Network Detection and Response Engineer

MetLife Remote

Company

MetLife

Location

Remote

Type

Full Time

Job Description

Description and Requirements
The Team You Will Join
The Cyber Platforms and Automation team is primarily based out of MetLife's global technology headquarters in Cary, NC. The team manages the key cybersecurity platforms, including SIEM, UEBA, SOAR, MSV, NDR, and the Cybersecurity Lab, and develops security content and processes to automate threat detection and incident response. The team takes immense pride in pursuing its vision of transforming the Security Operations Center (SOC) into a next-generation operation, using AI-driven cybersecurity technologies and processes to detect and predict threats with high accuracy and to prevent and respond to threats with high efficiency.
The Opportunity
The Security Lead, Network Detection and Response will be responsible for the following tasks and activities:

  • Global Solution Deployment:
    • Understand the regional network architecture and engineer the NDR solution deployment by identifying the correct choke points to optimize packet capture and metadata collection.
    • Architect and deploy software sensors for visibility into the VMware infrastructure hosting high-value assets, and flow and packet collection for the major cloud service providers (Azure, AWS and GCP).
  • Threat Detection and Analysis: Develop and maintain network security monitoring strategies for hybrid (datacenter and cloud) environments to proactively monitor, identify, and analyze anomalous network activity, leveraging NDR.
  • Security Incident Response: Facilitate investigations into potential security incidents, providing in-depth analysis to determine the scope and impact. Collaborate on incident containment, remediation, and root cause analysis to mitigate risks.
  • Signature and Rule Development: Create custom detection rules, tune existing rules to reduce false positives, and understand behavioral detection based on ML and AI.
  • Threat Hunting: Facilitate proactive hunts and campaigns for advanced threats and attack patterns across our network infrastructure, applying advanced analytics and threat intelligence.
  • Continuous Improvement: Stay updated on the evolving threat landscape and emerging cybersecurity technologies. Propose enhancements to existing security systems, processes, and detection capabilities.
  • Documentation and Reporting: Maintain detailed documentation of security incidents, investigations, and resolution steps. Provide clear reporting to management on security posture and identified risks.


This is an exciting opportunity to directly contribute to completing MetLife's SOC visibility triad by establishing the network detection and response capabilities that will complement the existing logging and endpoint detection and response programs.
Success in this role requires you to work collaboratively with a very diverse group of stakeholders from global regions and backgrounds, such as cybersecurity experts, network engineers, infrastructure operations, and business leaders. The ideal candidate will apply their deep experience in network security and engineering to bolster our threat detection and incident response capabilities across both traditional datacenter and public cloud environments. With a robust foundation in information security principles, you will play a vital role in protecting our organization's critical assets.
Required Skills:

  • Minimum of 5 years of proven experience in network security roles, with a solid background in network engineering/Microsoft cloud administration/Identity and Access Management.
  • Deep understanding of TCP/IP protocols, network traffic analysis, and common attack vectors.
  • Proven experience with security information and event management (SIEM) solutions, IDS/IPS systems, Packet aggregator technologies, and network forensic tools.
  • Knowledge of datacenter network architecture, security best practices, and relevant technologies.
  • Knowledge of modern adversary tactics, techniques, and procedures used to exploit Identity and Access
  • Strong foundation in information security principles, compliance frameworks, and risk management.


Preferred Skills:

  • Industry Certifications: Relevant technical and security certifications such as CISSP, GIAC, GCIH, relevant network or cloud security certifications.
  • Scripting/Automation: Proficiency in a scripting language (Python, KQL, SQL, etc.) for security automation tasks.
  • Global Experience: Prior experience working on multiple global projects with regional partners.
  • Expertise in network security monitoring and threat detection methodologies within public cloud platforms (AWS, Azure, GCP, etc.).


The salary range for applicants for this position is $90,000 - $145,000.
Benefits We Offer
Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!
About MetLife
Recognized on Fortune magazine's list of the 2024 "World's Most Admired Companies", Fortune World's 25 Best Workplaces™ for 2024, as well as the 2024 Fortune 100 Best Companies to Work For®, MetLife, through its subsidiaries and affiliates, is one of the world's leading financial services companies, providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.
Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we're inspired to transform the next century in financial services. At MetLife, it's #AllTogetherPossible. Join us!
Equal Employment Opportunity/Disability/Veterans
If you need an accommodation due to a disability, please email us at [email protected]. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.
MetLife maintains a drug-free workplace.

Date Posted

12/05/2024
