M

Senior GRC Security Specialist

Metlife Legal Plans
Full-time
On-site
United States
Security Specialist

MetLife Legal Plans is currently hiring a Senior GRC Security Specialist for our growing Technology Department.

This position is fully remote. The ideal individual may be located anywhere in the continental United States.

This individual will report directly into our Senior Director of Engineering.

Who We Are:

MetLife Legal Plans is the country's largest provider of legal voluntary benefits. We have more than 40 years of experience in employee legal services and are committed to providing excellent care to our plan members, sponsors and 18,000+ attorneys.

We are trusted by nearly 7 million families and more than 200 Fortune 500 companies who offer our service as an employee benefit.

It’s an exciting time to join our team. We are growing quickly and have a bold vision for our future as we evolve our company to dream bigger, move faster, and use creativity and technology to build products people love.

MLP's Core 4:

  • Put customers first
  • Be the Best
  • Make things easier
  • Succeed together

The Senior GRC Security Specialist is a professional who holds a role in managing and enhancing MetLife Legal Plans' Technology risk management and security practices. This individual is responsible for overseeing the development, implementation, and continuous improvement of strategies and measures to identify, assess, and mitigate Technology-related risks. The Technology GRC Security Specialist plays a critical role in safeguarding the MLP's information assets and ensuring compliance with relevant laws, regulations, and industry standards.

A Senior GRC Security Specialist should possess a strong background in Technology risk management, cybersecurity, and information security. Effective communication skills, and the ability to collaborate with various stakeholders are essential for success in this role. Staying informed about industry trends, emerging threats, and changes in regulatory requirements is also crucial.

A day in the life of a Senior GRC Security Specialist at MetLife Legal Plans: 

Risk Management Leadership:

  • Development and implementation of MLP's technology risk management framework.
  • Completing risk assessments, identifying potential risks, and assessing the impact on MLP systems and data.

Security Policy Development:

  • Playing a key role in the development and auditing of MLP security policies, standards, and procedures for our technology department and solutions.
  • Ensuring that security policies align with industry best practices and regulatory requirements.

Security Architecture and Design:

  • Providing input in designing secure architectures and solutions.
  • Collaborating with teams in Technology to ensure that security is integrated into system and application designs.

Security Awareness and Training:

  • Helping to develop and deliver security awareness and training programs for employees.
  • Promoting a culture of security awareness throughout MLP.

Compliance Oversight:

  • Ensuring that MLP Technology applications and practices comply with relevant laws, regulations, and industry standards.
  • Conducting regular audits to verify compliance and addressing any identified issues.

Security Technology Evaluation:

  • Evaluating and recommending security technologies, tools, and solutions.
  • Keeping abreast of emerging cybersecurity technologies and recommending their adoption.

Collaboration with Technology Teams:

  • Collaborating with Technology teams, including network and application engineering, and system administrators.
  • Providing guidance on security best practices and monitoring the implementation of security controls.

Security Risk Communication:

  • Effectively communicating security risks, strategies, and mitigation plans to leadership and relevant stakeholders.
  • Translating technical security concepts into business-oriented language.

Questionnaire Review:

  • Analyzing security questionnaires received from Sponsors or third-party vendors.
  • Evaluating responses to assess the security controls, practices, and policies in place.
  • Guiding auditors through MLP's Technology environment, including systems, networks, and security measures.
  • Managing and organizing audit-related documentation, ensuring accuracy and completeness.
  • Addressing queries and concerns raised by auditors during the audit process.
  • Collaborating with internal teams to resolve issues promptly and efficiently.

Contract Negotiation:

  • Supporting contract negotiations with Sponsors.
  • Helping to ensure that contracts include appropriate terms, conditions, and service level agreements from a security perspective.

Travel:

Occasional travel may be required. 10% or less expected. 

Note: This job description in no way states or implies that these are the only duties to be performed by the associate in this position. Associates will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and responsibilities are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbent will possess the skills, aptitude, and ability to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities. This document does not create an employment contract, implied or otherwise, other than an “at-will” relationship.

Apply now
Share this job
Twitter Facebook Linkedin Email