Job Description

Role Value Proposition:

This position will own and evolve the MetLife IT Process, Risk, and Control (PRC) Framework, the central foundational element from which all risk activities are aligned. The position will ensure that risk findings, risk reporting, risk assessments, and other risk activities are in alignment to the PRC as well as update, modify, and improve the PRC to reflect changes in the company, the industry, and to align with company strategy. This role will also interface with Internal Audit and other business stakeholders to facilitate the efficient execution of audits and assessments done within IT.

There is a need from the business to have a consistent and standardize means of reporting and making decisions about IT risk and the PRC provides that touchstone that allows many groups within the enterprise to speak the same language when it comes to IT. The effective execution of this role will enable global stakeholders to understand how local and regional IT concerns affect them and be able to discuss these concerns with others throughout the enterprise in a way that reduces confusion and increases efficiency. Communication with senior leadership will be a significant responsibility of this role and the ability to explain potentially complex IT risks in a manner that is understandable to all levels is a necessity. Additionally, being able to answer direct questions on larger impacts to the organization will be required. Working collaboratively and effectively with off-shore and contractor resources to accomplish these goals is expected. Coordination between this role and the IT Risk Guidance and IT Risk Operations groups is essential.

Key Responsibilities:

* Implement the Process, Risk and Control (PRC) Framework throughout IT
* Facilitate compliance, external, and internal audit activities
* Update and maintain the PRC based on input from stakeholders and industry trends
* Research IT risk topics and concerns as they arise to identify a response aligned to PRC
* Represent IT Risk Management in emerging regulatory and/or compliance discussions

Essential Business Experience and Technical Skills:

Required:

* 8+ years of experience in IT Security, IT Audit, or IT Risk
* Experience creating or updating a Process, Risk, and Control Framework in an IT organization with global responsibilities
* Experience with industry risk and control standards (ISO, NIST, COBIT, etc.)
* Strong verbal and written communication and presentation skills
* Ability to challenge and push back in a productive manner when needed
* Effective project management skills to execute multiple separate work streams at one time

Preferred:

* CISA, CISM, CISSP and/or CRISC Certification
* 2+ years experience performing SOX, SSAE18, and/or SOC2 audits or implementing compliance programs such as the NY DFS Cyber law
* Bachelors in related field

Business Category

IT Risk & Security

Number of Openings

1

At MetLife, were leading the global transformation of an industry weve long defined. United in purpose, diverse in perspective, were dedicated to making a difference in the lives of our customers.

MetLife:

MetLife, through its subsidiaries and affiliates, is one of the worlds leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

We are one of the largest institutional investors in the U.S. with $651 billion of total assets under management as of September 30, 2020. We are ranked 48 on the Fortune 500 list for 2020. In 2019, we were named to the Dow Jones Sustainability Index (DJSI) for the fourth year in a row. DJSI is a global index to track the leading sustainability-driven companies.

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. For further information about how to request a reasonable accommodation, please click on the Disability Accommodations link below.

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

Requisition : 116441