MetLife
Principal Cloud Security Engineer
MetLife, Cary, North Carolina, United States, 27518
Role Value Proposition
This role serves as a key member of the cloud security team, within Information Security, focusing on security controls for the generative AI environments along with cloud platforms. The primary focus will be securing cloud and AI technologies, ensuring systems are properly implemented, appropriate processes are developed, and daily monitoring and alerts are managed. This role must have a strong understanding of, and experience with, various IaaS, PaaS, and SaaS platforms, identifying and eliminating risks in these environments.
Key Responsibilities:
Partnering with architecture, engineering, application, security, and operational staff to identify and drive resolution on AI and Cloud security projects and issues
Defining security controls for Cloud-native and On-Premise Security tools and applications.
Conducting security reviews and recommendations for IaaS, PaaS, & SaaS Cloud environments
Developing Cloud Security requirements documentation for IaaS, PaaS, and CaaS environments.
Defining Network Security and Encryption evaluation and recommendations for complex infrastructure.
Designing and implementing controls with Microsoft Defender suite, AWS security hub, Google Cloud Security command center, and equivalent security tools.
Securing Containerized environments and ability to identify security vulnerabilities.
Interfacing with vendors to ensure the appropriate tools, configurations, and workflows are in place
Developing data protection proposals using Data loss prevention (DLP), Data discovery/classification, and digital rights management (DRM) tools.
Essential Business Experience and Technical Skills:
Required:
5+ years of experience with Google Cloud, Microsoft Azure, and AWS Infrastructure as a Service and Platform as a Service environment. Awareness of Data Sovereignty and privacy controls around the world and the ability to translate that to security control that can be applied in Public cloud environments.
5+ years of experience with Cloud-native security controls in different Cloud environments.
At least 4 years of experience with Data Loss Prevention tools for Website uploads, Endpoint Data Loss Prevention, and Network Data Loss Prevention.
Minimum of 1 year working on security tools for Containers and microservices environments.
At least one Industry-recognized cloud security certification (CCSP, CCSK, CCC-PCS, etc.)
Bachelor's degree in technology or related field required and Minimum of 6+ years in different information Security domains or no degree and 10+ years' experience.
Preferred:
Proven experience with AI/ML technologies and experience implementing security controls to monitor and secure platforms using these technologies.
Industry-recognized information security certifications are preferred (CISSP).
1 Year of Experience with Cloud Access Security Broker Tools like Bitglass, Netskope, or M-Vision (Skyhigh) for Data Loss Prevention for SaaS-based applications.
Strong ability to communicate to stakeholders with various levels of expertise
Strong record of success in supporting large-scale programs, preferably in a global organization.
Excellent verbal and written communication skills
At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.
Equal Employment Opportunity/Disability/Veterans
If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.
MetLife maintains a drug-free workplace.
This role serves as a key member of the cloud security team, within Information Security, focusing on security controls for the generative AI environments along with cloud platforms. The primary focus will be securing cloud and AI technologies, ensuring systems are properly implemented, appropriate processes are developed, and daily monitoring and alerts are managed. This role must have a strong understanding of, and experience with, various IaaS, PaaS, and SaaS platforms, identifying and eliminating risks in these environments.
Key Responsibilities:
Partnering with architecture, engineering, application, security, and operational staff to identify and drive resolution on AI and Cloud security projects and issues
Defining security controls for Cloud-native and On-Premise Security tools and applications.
Conducting security reviews and recommendations for IaaS, PaaS, & SaaS Cloud environments
Developing Cloud Security requirements documentation for IaaS, PaaS, and CaaS environments.
Defining Network Security and Encryption evaluation and recommendations for complex infrastructure.
Designing and implementing controls with Microsoft Defender suite, AWS security hub, Google Cloud Security command center, and equivalent security tools.
Securing Containerized environments and ability to identify security vulnerabilities.
Interfacing with vendors to ensure the appropriate tools, configurations, and workflows are in place
Developing data protection proposals using Data loss prevention (DLP), Data discovery/classification, and digital rights management (DRM) tools.
Essential Business Experience and Technical Skills:
Required:
5+ years of experience with Google Cloud, Microsoft Azure, and AWS Infrastructure as a Service and Platform as a Service environment. Awareness of Data Sovereignty and privacy controls around the world and the ability to translate that to security control that can be applied in Public cloud environments.
5+ years of experience with Cloud-native security controls in different Cloud environments.
At least 4 years of experience with Data Loss Prevention tools for Website uploads, Endpoint Data Loss Prevention, and Network Data Loss Prevention.
Minimum of 1 year working on security tools for Containers and microservices environments.
At least one Industry-recognized cloud security certification (CCSP, CCSK, CCC-PCS, etc.)
Bachelor's degree in technology or related field required and Minimum of 6+ years in different information Security domains or no degree and 10+ years' experience.
Preferred:
Proven experience with AI/ML technologies and experience implementing security controls to monitor and secure platforms using these technologies.
Industry-recognized information security certifications are preferred (CISSP).
1 Year of Experience with Cloud Access Security Broker Tools like Bitglass, Netskope, or M-Vision (Skyhigh) for Data Loss Prevention for SaaS-based applications.
Strong ability to communicate to stakeholders with various levels of expertise
Strong record of success in supporting large-scale programs, preferably in a global organization.
Excellent verbal and written communication skills
At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.
Equal Employment Opportunity/Disability/Veterans
If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.
MetLife maintains a drug-free workplace.