Senior IT Risk And Security Consultant

Role Value Proposition:

The Global Security Audit and Advisory team is part of the Global Security Governance, Risk, Compliance, and Awareness department within the Global Technology Organization. The team performs an important role in partnering with the business units, global technology, operations, and audit to ensure that management anticipates, recognizes, and appropriately manages risks. Specifically, the GS Risk, Controls, and Compliance is responsible for overseeing the external audit engagements to include various SSAE18 reports, SOX compliance, PCI, and HIPPA, and ensuring MetLife has processes and controls in place to meet our growing legal, regulatory, and security requirements.

Success in this role requires the ability to manage projects, to problem solve and collaborate with stakeholders internal and external to the team, and to collaborate and communicate effectively with different levels of management. The Senior IT Risk and Security Consultant is responsible for managing the audit activities - planning and coordinating audit walkthroughs, facilitating the collection of audit evidence, supporting the audit testing, and partnering with process and control owners to remediate exceptions and enhance controls. You'll collaborate closely with the external and internal auditors, technology and application owners, and Global Security leaders in an environment where every contribution is respected, and every perspective is heard.

This is an exciting opportunity to partner with leaders across global security and technology to enhance MetLife's control environment. By coordinating the audit activities, you help ensure MetLife meets its control obligations for its customers. The role provides visibility and collaboration with leadership globally and in support of many different technologies and functional areas.

Key Responsibilities:

• Responsible for coordinating the activities of the external audits, SOX and SSAE18 SOC1 and SOC2 working closely with external auditors, control owners, and client-facing team.

• Work with the auditors and process and control owners as the point person in key audit-related activities such as communication of the controls and audit objectives, coordinate audit walkthroughs, track and fulfill evidence requests to support compliance audits such as Sarbanes Oxley, SSAE 18 SOC 1 and SOC 2, and ISO 27001.

• Partner with process and control owners to ensure MetLife technology controls are in place and accurately reflected in the audit results. This position will also be involved in the documentation of control procedures, process narratives, and monitoring of audit corrective action plans.

• Partner with technology teams to ensure controls are designed effectively and documented sufficiently.

• Develop remediation plans and control enhancements for audit exceptions and issues.

• Manage internal team reporting and metrics to provide visibility to the audit progress and outcomes.

• Build relationships with process and control owners and technology leadership to improve audit results.

Essential Business Experience and Technical Skills:

Required:

• Bachelor's degree from an accredited college or university with major coursework in accounting, finance, IT, business administration or a closely related field.

• 5 years of experience in IT risk and compliance (preferred), internal audit, or IT risk advisory with a strong understanding of audit processes and engagements.

• Strong understanding of Information Technology, controls, and IT Security.

• Working knowledge of Sarbanes-Oxley, SSAE18 SOC 1 and SOC2 requirements.

• Basic knowledge of technology and information systems - server and database technology such as Windows, Linux, Oracle, SQL, and other technology platforms.

• Organizational skills: time management, prioritization, and delegation.

Preferred:

• Experience managing medium or high-complexity projects.

• Power BI, SharePoint, data analytics, and reporting experience.

• Collaborative and team-oriented.

• Industry certifications - security (CISSP, CISM), technology certification (ITIL), or audit (CISA, CIA, CPA).

• Experience consulting or auditing technology operations, Information Security, Identity, and Access controls.

At MetLife, we're leading the global transformation of an industry we've long defined. United in purpose, diverse in perspective, we're dedicated to making a difference in the lives of our customers.

Benefits We Offer

Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!

About MetLife

Recognized on Fortune magazine's list of the 2023 "World's Most Admired Companies" as well as the 2023 Fortune 100 Best Companies to Work For , MetLife, through its subsidiaries and affiliates, is one of the world's leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.

Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we're inspired to transform the next century in financial services. At MetLife, it's #AllTogetherPossible. Join us!

Equal Employment Opportunity/Disability/Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.