Job Description

Role Value Proposition: 

Internal Audit (IA) is an independent global organization that plays an important role in partnering with the business to ensure that management anticipates, recognizes, and appropriately manages risks. We protect MetLife and our stakeholders through meaningful independent assurance and advice, while advocating for risk management and internal controls.

Audit reviews may be conducted in specialized areas, such as system implementations, cloud migrations, applications, infrastructure, and vendor management, requiring specific knowledge pertaining to the areas, policies or regulations being audited.

We’re looking for an experienced Senior IT Auditor that’s excited to be part of a dynamic and highly collaborative team. Someone that is comfortable sharing their ideas and is passionate about building client relationships and delivering high quality impactful results to stakeholders.    

Key Responsibilities: 

Auditing

•    Assist in audit work to assess the soundness, adequacy, compliance with MetLife Policy and use of best practices for MetLife IT processes, risks and controls.
•    Be aware of and understand the IT audit universe at a high level and how the audit projects align with and impact the risk assessments. 
•    Efficiently execute and document audit and issue remediation testing and document findings in the audit system.
•    Prepare audit deliverables that meet departmental and professional standards of quality.
•    Develop experience and auditing skills to cover a broad range of risks, including IT and business processes, technology, and data.

Project Management

•    Participate in projects, completing assigned tasks and responsibilities within budget and agreed timelines.
•    Communicate timely and appropriately with identified stakeholders within IA and business management. Exercise quick escalation to resolve project barriers and challenges. 

Relationship Management

•    Interface with auditees to request and organize evidence during audit work and track follow-ups and outstanding/unresolved items.
•    Consult with clients in developing action plans to resolve control issues or risks.
•    Maintain a positive working relationship with fellow auditors and auditees, sustaining ongoing relationships with key business contacts.

Essential Business Experience and Technical Skills: 

•    2-4 years IT internal or external audit experience 
•    Strong written and verbal communications skills, including listening and interviewing skills
•    Possesses intermediate understanding of: IT general controls (e.g., security, change management, disaster recovery & backup, infrastructure, etc.); SDLC/Agile methodologies, cybersecurity, and  cloud.
•    Possesses fundamental understanding of operating system and database platforms (e.g., mainframe, Active Directory, Windows, Linux, Oracle, etc.); network architecture; IT governance      processes; IT risk management and assessment processes. 
•    Possesses intermediate understanding of multiple frameworks such as IIA, COBIT, NIST, SOX, and PCI DSS v3.
•    Possesses intermediate understanding of auditing practices including risk assessment, performing walkthroughs, sampling and testing methodologies, and analysis of results for potential   exceptions/issues. 
•    Demonstrated success and abilities in the following: 

•    Leverage access to data and analytics tools to analyze populations of data of moderate complexity. Assess the results of analytics performed to draw control conclusions and areas of risk requiring additional research. 

•   Both perform tests of controls independently or provide oversight over a junior staff in the production of high quality workpapers within the timelines provided. 

Preferred Business Experience and Technical Skills: 

•    Bachelor’s degree 
•    Financial service industry experience 
•    Working toward or willing to work toward CISA, CIA, or CISSP certification