Security Consultant Cyber Regulatory

Role Value Proposition

This position will assist in strengthening the existing process in place to ensure he MetLife can continue to evaluate, document, assess and maintain compliance to existing and emerging cybersecurity regulations and guidelines.

The position will ensure that cybersecurity regulations and guidelines are monitored, documented and in alignment to the control framework. This role will also interface with Legal, Privacy, Compliance, Risk, Internal Audit, and other business stakeholders to assess implications of cybersecurity regulations. It will also assist in the coordination of responses to ad hoc and periodic compliance and regulatory exams, inquiries, and cybersecurity incident reporting efforts.

The effective execution of this role will enable global stakeholders to understand how local and regional cyber regulatory requirements are managed consistently, monitored regularly, and reported centrally. Communication with senior leadership will be a significant responsibility of this role and the ability to explain potentially complex cybersecurity requirements in a manner that is understandable to all levels is a necessity. Additionally, being able to answer direct questions on larger impacts to the organization will be required. Coordination between this role, IT/IP Legal Counsel, Corporate Compliance and Global Technology & Operations (GTO) functions is essential.

Key Responsibilities:

• Monitor and document the cybersecurity regulatory landscape leveraging enterprise repositories (Archer, OpenPages, PowerBi and other metrics)

• Assist in compliance reporting requirements including:

• Quarterly and Annual compliance attestations

• Cybersecurity incidents

• Manage and maintain the Cybersecurity Regulatory Change Management (RCM) process

• Assist in the facilitation of cybersecurity regulatory compliance, external and internal audit activities

• Coordinate regulatory requirements to align to the Process, Risk and Control (PRC) Framework

• Create and maintain metrics for Cybersecurity regulations and guidelines

• Research topics and concerns as they arise to identify a response to proposed regulations

• Represent Information Security in emerging regulatory and/or compliance discussions

Essential Business Experience and Technical Skills:

• 8-10 years of experience in Information Security, IT Audit, Compliance or IT Risk

• Prefer 2+ years experience performing SOX, SSAE18, and/or SOC2 audits or implementing compliance programs such as the NYDFS Cybersecurity regulation.

• Experience creating or updating a Process, Risk, and Control Framework in an IT organization with global responsibilities

• Experience with industry risk and control standards (ISO, NIST, COBIT, etc.)

• Strong verbal and written communication and presentation skills

• Ability to challenge and push back in a productive manner as necessary

• Effective project management skills to execute multiple separate work streams at one time

• CISA and/or CRISC Certification is preferred

Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!

About MetLife

Recognized on Fortune magazine's list of the 2023 "World's Most Admired Companies" as well as the 2023 Fortune 100 Best Companies to Work For , MetLife, through its subsidiaries and affiliates, is one of the world's leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.

Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we're inspired to transform the next century in financial services. At MetLife, it's #AllTogetherPossible. Join us!

Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.