Job Description

Role Value Proposition:

MetLife Global Technology Operations (GTO) Information Security (InfoSec) Risk Management is responsible for strategy, oversight, and execution of the MetLife’s IT global issue management program and the maturity of MetLife’s IT Risk Management Program utilizing RSA Archer eGRC (Governance, Risk and Compliance).

The goal of the program is to integrate risk management, internal controls, assurance, compliance processes cross-functionally and deploy IT Risk Register to improve MetLife’s operational effectiveness and strengthened audit readiness and regulatory compliance.

Strong candidate will be able to demonstrate solid risk management and direct experience with RSA Archer eGRC design and execution of risk program including the support of on-going initiatives for the broader ERM Programs and GTO Business Controls teams.  The candidate will be responsible for establishing and coordinating integrated processes to manage risk, compliance, internal controls, and resolution of related issues throughout MetLife and creating and maintaining governance cadence to ensure compliance with Enterprise GRC requirements.

Key Responsibilities:

Serve as expert for RSA Archer within the IT Risk Management Organization responsible for driving  IT risk methodology across GTO
Execution of enterprise Governance. Risk and Compliance (eGRC) program with a focus on driving the maturity of IT Risk Programs by identifying ecosystem-wide impacts, cross-solution dependencies, roadblocks, gaps in delivery, as well as prioritization of risk team objectives
Work closely and collaborate with Archer Solution owners to implement workflow and arears of process improvement
Contribute to ongoing reporting and updates on eGRC Archer program to Enterprise Operational Risk Management and GTO Business Control teams
Assist in ongoing efforts to improve data analytics and reporting capabilities from Archer eGRC
Partner closely with Enterprise Operational Risk Management and GTO Business Controls team
Conduct quality reviews of information/data and adherence to workflow requirements in Archer
Resolve roadblocks and provide team collaboration
Support management in preparing various risk dashboard and reporting
Assist in the development, analysis, and recommendations for program enhancements

Essential Business Experience and Technical Skills:

Required:

Proven track record in managing key aspects of a GRC or integrated Risk Management Program in large matrixed organization preferably in insurance or financial  sector
Able to independently manage GRC program with minimal supervision, multi-task, deal with ambiguity and to consistently deliver high-quality results in a regulated and changing corporate environment  
RSA Archer configuration and primary implementation experience with GRC (workflow, integrations, data feeds)
Experience with translating requirements to system functionality
10+ years of applicable and proven experience in insurance, banking, or other financial services institution.
Ability to work effectively with key partners (e.g., GRM, Investments, Legal, Finance, etc.). 
Be able to work independently and detail oriented
Strong presentation, communication and organizational skills are a prerequisite
Team player who can adapt to changing priorities
Good business acumen and ability to connect analytical insights with business decisions
Strong technical skills using Microsoft Excel, Access, PowerPoint), as well as ability to quickly learn new risk management tools and concepts

Preferred:

Advanced degree preferred (e.g., MBA or master’s degree in IT or CyberSecurity)
Proficient in Archer eGRC development, Archer Advanced Workflow, Subject matter expert for RSA Archer eGRC SmartSuite with knowledge of Archer system architecture and core concepts related to Governance, Risk Management and Compliance, dashboards, iVews, mail merge. Practical experience gathering business requirements, conceptualizing or designing solutions.
Archer certification v5.x and/or V6x preferred