The Information Security Manager, will be responsible for the oversight and execution on MetLife's Applications and Cloud Security program at a Regional level including but not limited to, driving the application security testing and flaw remediation program in region and review configurations and security of cloud technologies, as well ensure appropriate processes are developed and running as expected.  This role must have a strong understanding and experience at identifying and eliminating risks on the various cloud platforms (including IaaS, PaaS, and SaaS).

This role is also responsible for team development and in addition, this person key responsibilities are:

Key Responsibilities: 

Information Security Manager, responsibilities include, but are not limited to:

1. Driving the execution of the EMEA Information Security program in region through work approaches that includes:
   1. Developing deep program policy, process and tool subject matter expertise
   2. Collaborating closely with Global program teams
   3. Support team members through training, governance and/or hands on with execution of the program in their countries as required
   4. Determine clear annual program goals and objectives
   5. Provide regular program updates to Head of Information Security in Region
2. Provide support to local teams, including: 
   1. Support Technology & Business Projects, ensuring compliance with IT Security Policies & Standards and MetLife technology stack
   2. Partner with architecture, engineering, application, security, and operational staff to identify and drive resolution on Cloud security projects and issues
3. Coordinate Application Security review program in region, including: 
   1. Conduct Security reviews and recommendation for on prem applications as well as IaaS, PaaS, & SaaS Cloud environments
   2. Monitor and support remediation of issues around misconfigurations that might arise out of improper coding practices
   3. Keep up to date and learn new technologies/Cloud Platforms and ability to understand how security controls are implemented in the Cloud
   4. Evaluate new applications architecture designs, Network Security and Encryption protocols and make recommendations
   5. Interface with vendors to ensure the appropriate tools, configurations, and workflows are in place
4. Develop the Information Security professionals in team.

1. 6+ years professional IT Risk and Information Security related experiences in Financial services.
2. 3+ years managing technology teams.
3. 2+ Years of Experience with any of the major public Cloud platforms (AWS/Azure/GCP) and ability to translate different security domains into controls at different layers within the cloud.
4. Expertise and experiences in implementing & monitoring Information Security controls, practices and technology for multiple levels within an organization.
5. IT Risk or Information Security Certification on Application or Cloud Security or similar preferred – e.g. CEH, OSCP, CCSP, CCSK, CCC-PCS, CISSP, etc..
6. Execution and Results oriented; Ability to transparently execute against plan.
7. Good English language skills both oral as well as written; Additional languages knowledge preferred.
8. Good analytical and report presentation skills.
9. Ability to work independently with a structured approach.  Strong excel, PowerPoint and Visio skills.