Seeking a senior legal leader with extensive experience in cybersecurity and privacy to provide strategic legal guidance and lead legal response for cyber incidents. Responsibilities include establishing legal strategies, advising on compliance and governance, and collaborating with senior leaders and external regulators.
Description and Requirements
The Team You Will Join
In Government & Legal Affairs, you'll be an engaged and trusted partner - empowered to deliver innovative solutions, influence public policy, and achieve results that enable MetLife's growth and protect its global interests. Applying a commercial and contemporary mindset, you'll advocate for what's possible, overcome challenges, and embrace different perspectives. If you also pride yourself on acting with accountability, transparency, and respect, apply to join our Government & Legal Affairs team today.
The Opportunity
MetLife is seeking a senior legal leader with deep global cybersecurity and privacy expertise to serve as the enterprise lead for cybersecurity and privacy legal risk and as a key member of the GEBI leadership team. This role functions as the principal legal advisor to MetLife's Information Security organization and provides strategic, enterprise wide legal guidance on cybersecurity, data protection, and privacy governance laws and regulations across all regions and business lines. The role partners closely with senior leaders across Government & Legal Affairs, Compliance, Privacy, Information Security, Global Technology & Operations, and the businesses to shape risk informed decision making and align legal strategy with MetLife's broader business objectives.
Key Responsibilities
As a senior legal leader, serves as MetLife's enterprise lead for cybersecurity and privacy legal risk, setting strategy and priorities and delivering consistent, high-quality legal support across regions and business lines, including:
Enterprise strategy, governance and leadership :
* Owns the cybersecurity and privacy legal strategy and operating model; establishes standards, playbooks, escalation paths, and risk tolerances aligned to enterprise objectives.
* Acts as principal legal advisor to Information Security leadership and a key partner to the Chief Privacy Office, Compliance, Risk, Technology and business leadership; influences senior decision-making through risk-based guidance.
* Represents Government & Legal Affairs in senior governance forums and drives alignment on complex, high-impact initiatives (e.g., cloud and transformation programs, data strategy, AI/analytics enablement, and enterprise resilience activities).
Incident response and regulatory engagement (cybersecurity and privacy):
* Serves as lead legal point of contact for significant cybersecurity incidents and privacy incidents, directing legal response, strategy, investigation oversight, notification analysis, and remediation support in partnership with Information Security, Privacy, Compliance and Communications, and colleagues in other legal areas.
* Leads legal readiness for enterprise incident response (tabletops, playbooks, training) and advises on third-party breach response, client ransomware events, and client-facing communications.
* Owns legal strategy for regulator and law enforcement engagement related to cyber and privacy events; supports examinations, inquiries, and investigations and drives defensible, timely responses. Partners closely with Government Affairs colleagues on regulatory engagement.
Privacy-by-design, product/technology enablement and data protection:
* Provides strategic legal advice on global privacy and data protection requirements (e.g., GDPR, CCPA, HIPAA/HITECH and other applicable regimes) across products, services, marketing, HR, and operations.
* Advises on privacy-by-design and cybersecurity-by-design for new and existing technologies, including cloud, digital channels, data sharing, cross-border transfers, analytics, and AI/ML use cases; partners on governance, controls, and documentation to enable compliant innovation.
Required Qualifications
Business Knowledge/Technical Skills:
* 15+ years legal experience with deep cybersecurity and privacy/data protection expertise; financial services and in-house experience preferred.
* Significant cyber and privacy incident response experience (investigations, privilege strategy, remediation, breach notification and regulator engagement).
* Strong knowledge of global privacy/data protection and cybersecurity requirements applicable to the role (e.g., GDPR, CCPA/CPRA, HIPAA/HITECH; NYDFS/NAIC-related requirements as applicable) and ability to translate them into practical guidance.
* Ability to support complex technology and data-enabled initiatives (cloud, digital channels, data sharing, analytics and AI/ML), including privacy-by-design and security-by-design.
* Familiarity with security frameworks and control environments (e.g., NIST, ISO 27001/27002) and enterprise policy/program development (standards, playbooks, training).
* Experience negotiating cybersecurity and privacy terms in complex commercial/vendor agreements; supporting third-party risk and strategic sourcing; and leading cyber/privacy diligence for strategic transactions (including M&A).
Demonstrates baseline AI fluency, including the ability to effectively and responsibly use approved AI tools to enhance productivity, decision-making, and work quality. Understands AI capabilities, limitations, and ethical considerations, and applies AI in alignment with company policies, data privacy standards, and business objectives.
Leadership/Management Competencies:
* Proven people leadership (including leading senior professionals and/or managers): sets strategy and priorities, allocates resources, develops talent and succession.
* Trusted advisor with executive presence; influences outcomes in a matrixed, global environment through sound, risk-based judgment.
* Excellent communication and negotiation skills; able to simplify complex cyber/privacy issues and drive timely decisions on high-risk matters.
* Solution-oriented and operationally disciplined; leads through change while maintaining strong governance.
Preferred Qualifications
Location Expectation: This is a hybrid role requiring a minimum of 3 days per week in office.
The expected salary range for this position is $238,800 - $318,300 . This role may also be eligible for annual short-term incentive compensation and stock-based long-term incentives. All incentives and benefits are subject to the applicable plan terms.
Benefits We Offer
Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, paid time off, paid holidays, volunteer time off, tuition assistance and much more!
About MetLife
Recognized on Fortune magazine's list of the "World's Most Admired Companies", Fortune World's 25 Best Workplaces™, as well as the Fortune 100 Best Companies to Work For®, MetLife, through its subsidiaries and affiliates, is one of the world's leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.
Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by our core values - Win Together, Do the Right Thing, Deliver Impact Over Activity, and Think Ahead - we're inspired to transform the next century in financial services. At MetLife, it's #AllTogetherPossible . Join us!
MetLife is an Equal Opportunity Employer. All employment decisions are made without regards to race, color, national origin, religion, creed, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, marital or domestic/civil partnership status, genetic information, citizenship status (although applicants and employees must be legally authorized to work in the United States), uniformed service member or veteran status, or any other characteristic protected by applicable federal, state, or local law ("protected characteristics").
If you need an accommodation due to a disability, please email us at [email protected]. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.
MetLife maintains a drug-free workplace.
#BI-Hybrid
The Team You Will Join
In Government & Legal Affairs, you'll be an engaged and trusted partner - empowered to deliver innovative solutions, influence public policy, and achieve results that enable MetLife's growth and protect its global interests. Applying a commercial and contemporary mindset, you'll advocate for what's possible, overcome challenges, and embrace different perspectives. If you also pride yourself on acting with accountability, transparency, and respect, apply to join our Government & Legal Affairs team today.
The Opportunity
MetLife is seeking a senior legal leader with deep global cybersecurity and privacy expertise to serve as the enterprise lead for cybersecurity and privacy legal risk and as a key member of the GEBI leadership team. This role functions as the principal legal advisor to MetLife's Information Security organization and provides strategic, enterprise wide legal guidance on cybersecurity, data protection, and privacy governance laws and regulations across all regions and business lines. The role partners closely with senior leaders across Government & Legal Affairs, Compliance, Privacy, Information Security, Global Technology & Operations, and the businesses to shape risk informed decision making and align legal strategy with MetLife's broader business objectives.
Key Responsibilities
As a senior legal leader, serves as MetLife's enterprise lead for cybersecurity and privacy legal risk, setting strategy and priorities and delivering consistent, high-quality legal support across regions and business lines, including:
Enterprise strategy, governance and leadership :
* Owns the cybersecurity and privacy legal strategy and operating model; establishes standards, playbooks, escalation paths, and risk tolerances aligned to enterprise objectives.
* Acts as principal legal advisor to Information Security leadership and a key partner to the Chief Privacy Office, Compliance, Risk, Technology and business leadership; influences senior decision-making through risk-based guidance.
* Represents Government & Legal Affairs in senior governance forums and drives alignment on complex, high-impact initiatives (e.g., cloud and transformation programs, data strategy, AI/analytics enablement, and enterprise resilience activities).
Incident response and regulatory engagement (cybersecurity and privacy):
* Serves as lead legal point of contact for significant cybersecurity incidents and privacy incidents, directing legal response, strategy, investigation oversight, notification analysis, and remediation support in partnership with Information Security, Privacy, Compliance and Communications, and colleagues in other legal areas.
* Leads legal readiness for enterprise incident response (tabletops, playbooks, training) and advises on third-party breach response, client ransomware events, and client-facing communications.
* Owns legal strategy for regulator and law enforcement engagement related to cyber and privacy events; supports examinations, inquiries, and investigations and drives defensible, timely responses. Partners closely with Government Affairs colleagues on regulatory engagement.
Privacy-by-design, product/technology enablement and data protection:
* Provides strategic legal advice on global privacy and data protection requirements (e.g., GDPR, CCPA, HIPAA/HITECH and other applicable regimes) across products, services, marketing, HR, and operations.
* Advises on privacy-by-design and cybersecurity-by-design for new and existing technologies, including cloud, digital channels, data sharing, cross-border transfers, analytics, and AI/ML use cases; partners on governance, controls, and documentation to enable compliant innovation.
Required Qualifications
Business Knowledge/Technical Skills:
* 15+ years legal experience with deep cybersecurity and privacy/data protection expertise; financial services and in-house experience preferred.
* Significant cyber and privacy incident response experience (investigations, privilege strategy, remediation, breach notification and regulator engagement).
* Strong knowledge of global privacy/data protection and cybersecurity requirements applicable to the role (e.g., GDPR, CCPA/CPRA, HIPAA/HITECH; NYDFS/NAIC-related requirements as applicable) and ability to translate them into practical guidance.
* Ability to support complex technology and data-enabled initiatives (cloud, digital channels, data sharing, analytics and AI/ML), including privacy-by-design and security-by-design.
* Familiarity with security frameworks and control environments (e.g., NIST, ISO 27001/27002) and enterprise policy/program development (standards, playbooks, training).
* Experience negotiating cybersecurity and privacy terms in complex commercial/vendor agreements; supporting third-party risk and strategic sourcing; and leading cyber/privacy diligence for strategic transactions (including M&A).
Demonstrates baseline AI fluency, including the ability to effectively and responsibly use approved AI tools to enhance productivity, decision-making, and work quality. Understands AI capabilities, limitations, and ethical considerations, and applies AI in alignment with company policies, data privacy standards, and business objectives.
Leadership/Management Competencies:
* Proven people leadership (including leading senior professionals and/or managers): sets strategy and priorities, allocates resources, develops talent and succession.
* Trusted advisor with executive presence; influences outcomes in a matrixed, global environment through sound, risk-based judgment.
* Excellent communication and negotiation skills; able to simplify complex cyber/privacy issues and drive timely decisions on high-risk matters.
* Solution-oriented and operationally disciplined; leads through change while maintaining strong governance.
Preferred Qualifications
- Prior in-house experience.
- Experience in financial services and/or insurance
- Prior leadership/management of attorneys.
Location Expectation: This is a hybrid role requiring a minimum of 3 days per week in office.
The expected salary range for this position is $238,800 - $318,300 . This role may also be eligible for annual short-term incentive compensation and stock-based long-term incentives. All incentives and benefits are subject to the applicable plan terms.
Benefits We Offer
Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, paid time off, paid holidays, volunteer time off, tuition assistance and much more!
About MetLife
Recognized on Fortune magazine's list of the "World's Most Admired Companies", Fortune World's 25 Best Workplaces™, as well as the Fortune 100 Best Companies to Work For®, MetLife, through its subsidiaries and affiliates, is one of the world's leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.
Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by our core values - Win Together, Do the Right Thing, Deliver Impact Over Activity, and Think Ahead - we're inspired to transform the next century in financial services. At MetLife, it's #AllTogetherPossible . Join us!
MetLife is an Equal Opportunity Employer. All employment decisions are made without regards to race, color, national origin, religion, creed, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, marital or domestic/civil partnership status, genetic information, citizenship status (although applicants and employees must be legally authorized to work in the United States), uniformed service member or veteran status, or any other characteristic protected by applicable federal, state, or local law ("protected characteristics").
If you need an accommodation due to a disability, please email us at [email protected]. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.
MetLife maintains a drug-free workplace.
#BI-Hybrid
MetLife New York, New York, USA Office
MetLife New York City, NY Office
200 Park Ave, New York, NY, United States, 10166
MetLife Bridgewater, New Jersey, USA Office
MetLife Bridgewater, NJ Office
501 Route 22, Bridgewater, NJ, United States, 08807
MetLife Whippany, New Jersey, USA Office
MetLife Whippany, NJ Office
One MetLife Way, Whippany, NJ, United States, 07981
Similar Jobs at MetLife
9 Hours Ago
Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
The role involves business development and asset origination in agribusiness lending, managing relationships and loan structuring, as well as collaborating with credit analysts and loan closing teams.
Top Skills:
Moody'S CreditlensMs Office SuiteRiskcalc
3 Days Ago
Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
As a Customer Care Advocate, you will guide customers, solve challenges, and ensure exceptional service in a contact center environment. Responsibilities include training, adapting to new technologies, and meeting key performance indicators.
Top Skills:
ApplicationsComputer Systems
Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
The STD Unit Leader ensures team performance in claim management, customer service, and expense management while providing guidance, removing obstacles, and analyzing data to achieve business objectives.
What you need to know about the NYC Tech Scene
As the undisputed financial capital of the world, New York City is an epicenter of startup funding activity. The city has a thriving fintech scene and is a major player in verticals ranging from AI to biotech, cybersecurity and digital media. It also has universities like NYU, Columbia and Cornell Tech attracting students and researchers from across the globe, providing the ecosystem with a constant influx of world-class talent. And its East Coast location and three international airports make it a perfect spot for European companies establishing a foothold in the United States.
Key Facts About NYC Tech
- Number of Tech Workers: 549,200; 6% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Capgemini, Bloomberg, IBM, Spotify
- Key Industries: Artificial intelligence, Fintech
- Funding Landscape: $25.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Greycroft, Thrive Capital, Union Square Ventures, FirstMark Capital, Tiger Global Management, Tribeca Venture Partners, Insight Partners, Two Sigma Ventures
- Research Centers and Universities: Columbia University, New York University, Fordham University, CUNY, AI Now Institute, Flatiron Institute, C.N. Yang Institute for Theoretical Physics, NASA Space Radiation Laboratory
