Specialist - Technology Services

Position Summary

The Senior Network Security Analyst for Web Application Firewall and Network Security is responsible for enhancing MetLife's cybersecurity framework by offering specialized knowledge in Web Application Firewall and network security device. This position focuses on managing and refining processes to ensure that externally accessible enterprise applications and APIs are properly secured and monitored. In addition to possessing robust technical expertise in web application firewalls and various network devices, the role demands exceptional organizational skills, strong communication and collaboration abilities with colleagues and management at all levels, as well as the capacity to adapt swiftly to evolving threats and shifting priorities.

Key Responsibilities: 

• Configure the application in Akamai and enable the policy in monitor mode to record the traffic for subsequent analysis.
• Evaluate the false positive report for the onboarded application and transition the application from monitoring mode to protected mode without causing any disruption to legitimate traffic.
• Adjust and optimize the security policy to effectively prevent all attack traffic related to WAF, BOT, and DDoS for the integrated applications.
• Investigate the problem associated with Akamai and deliver a resolution along with a root cause analysis.
• Ensure security standards and baseline policies are in place on critical applications that are hosted on SaaS WAF tool
• Gain a solid understanding of Web application firewalls, various security features and help deploy those features efficiently.  
• Work with the firewall engineering team to ensure firewalls are properly configured according to industry best practices and MetLife standards
• Proactively identify and make recommendations on potential security issues and solutions.
• Responsible for helping create a firewall analytics and dashboarding process based on Splunk
• Maintain and document security policy, standards and process for Web Application Firewalls

Knowledge, Skills and Abilities

Education

• Bachelor’s degree in computer science, information systems or related field, or equivalent work experience

• Candidate must have a combined minimum of 4-7 years hands on experience in the fields of IT and Cyber Security
• Experience managing, implementing, and supporting the core functions of Akamai Kona Site Defender
• Experience with Cisco routers, Palo Alto firewalls; Experience with Load Balancer; Experience with SolarWinds Network Performance Monitor and Network Configuration Manager; Ability to interpret PCAPs; Experience with Bluecoat, WAF.

Knowledge and skills (general and technical)

• Strong grasp of operational processes, IT general controls, security controls and vulnerability management
• Familiarity with the OWASP Top 10, as well as understanding bot traffic and DDoS attack patterns.
• Possesses extensive expertise in Certificates, DNS, and Application Layer Protocols.
• Candidate must have experience working in complex, diverse and international environments and possess excellent communication and presentation skills
• Ability to lead and influence team members and cross-functional teams 
• Experience managing projects involving interdepartmental teams and external vendors / third parties
• Experience in application security best practices and how to mitigate common attack vectors

• Ability to perform basic scripting to analyze and automate repeatable processes
• Relevant industry certifications such as CISM, CISSP, CISA, CCNA-Security, Security+, Terraform, MCSE, GSEC, GIAC, PMP, LEAN and Six Sigma are desired

Working Relationships

• All Internal GOSC Stake Holders

External Contacts 

(and purpose of relationship) – If Applicable

• Stateside Client/ Engineers from different regional Security teams