天津招聘

The role will be responsible for managing MetLife IT security processes and projects. The role involves ensuring compliance monitoring to IT security policies and standards and assists the IT risk & security officer implement various security initiatives. The person will be responsible for overseeing compliance to information security projects.

 

Key Responsibilities

1. Monitor compliance to IT security policies and initiate necessary actions to mitigate the risks; Ensure non-compliance to MetLife information security policies and standards is highlighted in risk level.

2. Monitor emerging cyber threats and possess the ability to correlate potential impact to MetLife. Provide management and key support staff with detailed information on threats with current remedial measures in place

3. Plan and oversee timely action on IT security project activities and implementation of security projects, e.g. PCI DSS, ISO27001, System Log Monitor and Access Management etc.

4. Monitor company network security activities, review OS and DB security log using security tools.

5. Ensure application development complies with IT Security Standards and policies and track all the findings to closure.

6. Ensure compliance to train development staff on Secure Application development training.

7. Plan and conduct risk assessment for third party MetLife vendors.

8. Identify and implement process improvements, document and modify review processes as and when required

9. Problem resolution and Security Incident Management; Support corporate investigations and incident activities as well as other Business Unit/s Information Risk initiatives.

10. Co-ordination with other business units and regional security team for mitigation of risks activities; supporting business units for their security requirements.

11. Respond to ad-hoc request on security aspects (these are unplanned activities).      

12. Security dashboard and management reporting, communicate issues, solutions and status to management.

 

Qualifications

1. Adequate knowledge of Information Security concepts and domains.

Knowledge and experience in running information security projects, including PCI DSS implementation or compliance assessment.

2. In depth knowledge of operating system technologies like Windows, Linux, UNIX.

3. In depth knowledge of networking, system and security administration, security best practices, any one of security certifications CISA, CISM, CISSP along with Microsoft and network domain certifications.

4. Knowledge of all the known security mechanism like authentication, authorization, logging, cryptography and the associated threats.

5. Interaction with Business Analysis, Development teams, Application Support Teams, and other internal teams in IT department.

6. Interaction with the IT Auditors to close audit items.

 

Below experience will be value-added.

1. Technical experiences spanning various activities like requirement, designing, development, implementation covering application security and their remediation.

2. Security operation working experiences in finance industry will be a benefit, including PCI DSS, ISO27001, IT DRP drill, DLP, DB and firewall/IDS security monitoring etc.

3. Ability and experience to work with a regional or global team.

中美联泰大都会人寿保险有限公司由中美大都会和联泰大都会两家寿险公司合并而来，合并方案于2011年3月获得保监会批准，4月12日获工商行政管理部门核准并正式更名。新公司以上海为法定注册地，并采用北京、上海双总部的运营模式。4月19日，中美联泰大都会人寿保险有限公司在上海正式挂牌成立。凭借美国大都会集团在保险业的丰富经验以及上海联和投资有限公司对中国市场的深刻认识，大都会人寿致力于为中国消费者提供值得信赖和专业的保险方案。大都会人寿通过顾问行销、银行保险、直效行销和团险等多元渠道，为全国各地超过二十多个城市的消费者提供人寿、健康、意外及储蓄型保险产品等保险服务。
原联泰大都会人寿保险有限公司于2005年8月10日在上海正式成立，公司注册资本5亿元人民币（08年追加到7亿元人民币），由上海联和投资有限公司和美国大都会集团下属公司各持50%股份组建而成。
上海联和投资和美国大都会人寿同时是总部在上海的联泰大都会人寿的股东，这样中美大都会人寿与联泰大都会人寿两家公司正式合并。合并后新公司的名称为“中美联泰大都会人寿保险有限公司”，简称“大都会人寿”。