Senior IT Risk & Security Consultant Position Available In Wake, North Carolina

The Team You Will Join The Global Security Risk, Controls & Compliance team is part of the Global Security Governance, Risk, Compliance and Awareness department within the Global Technology Organization. The team performs an important role in partnering with the business units, global technology, operations, and audit to ensure that management anticipates, recognizes, and appropriately manages risks. Specifically, the Global Security Audit Advisory team is responsible for overseeing the external audit engagements to include various SSAE18 reports, SOX compliance, PCI and HIPPA. The team ensures MetLife has processes and controls in place to meet our growing legal, regulatory, and security requirements. The Opportunity The Senior IT Risk and Security Advisor is responsible for coordinating the activities of the external audits, SOX and SSAE18 SOC1 and SOC2, working closely with external auditors, control owners and client-facing team. The candidate will work with the auditors, management, and control owners as the point person in key audit related activities such as communication of the controls and audit objectives, coordinate audit walkthroughs, track and fulfill evidence requests to support compliance audits such as Sarbanes Oxley, SSAE 18 SOC 1 and SOC 2, and

ISO 27001.

The Senior will partner with technology leadership and control owners to ensure MetLife technology controls are in place and accurately reflected in the audit results. This position will also be involved in the documentation of control procedures, process narratives, and monitoring of audit corrective action plans. This is an exciting opportunity to partner with leaders across global security and technology to enhance MetLife’s control environment. By coordinating the audit activities, you help ensure MetLife meets its control obligations for its customers. The role provides visibility and collaboration with leadership globally and in support of many different technologies and functional areas. Success in this role requires the ability to manage projects, to problem solve and collaborate with stakeholders internal and external to the team, and to collaborate and communicate effectively with different levels of management. The Senior IT Risk and Security Consultant is responsible for managing the audit activities – planning and coordinating audit walkthroughs, facilitating the collection of audit evidence, supporting the audit testing, and partnering with process and control owners to remediate exceptions and enhance controls. You’ll collaborate closely with the external and internal auditors, technology and application owners, and Global Security leaders in an environment where every contribution is respected, and every perspective is heard. How You’ll Help Us Build a Confident Future (Key Responsibilities)

• Coordinate the audit activities to ensure we meet the audit timelines.
• Partner with technology teams to ensure controls are designed effectively and documented sufficiently.
• Develop remediation plans and control enhancements for audit exceptions and issues.
• Manage internal team reporting and metrics to provide visibility to the audit progress and outcomes.
• Build relationships with process and control owners and technology leadership to improve audit results. Required Skills
• 5 years of experience in IT risk and compliance, internal audit or IT risk advisory with a strong understanding of audit processes and engagements.
• Strong understanding of Information Technology, controls, and IT Security.
• Working knowledge of Sarbanes-Oxley, SSAE18, SOC 1 and/or SOC2 requirements.
• Basic knowledge of technology and information systems – server and database technology such as windows, Linux, Oracle, SQL, and/or other technology platforms.
• Organizational skills: time management, prioritization, and delegation. Preferred Skills
• Experience managing medium or high complexity projects.
• Bachelor’s degree from an accredited college or university with major course work in accounting, cyber security, IT, business administration or a closely related field.
• Power BI, Sharepoint, data analytics and reporting experience.
• Collaborative and team-oriented.
• Industry certifications – security (CISSP, CISM), technology certification (ITIL), or audit (CISA, CIA, CPA).
• Experience in consulting or auditing technology operations, Information Security, Identity and Access controls.

Equal Employment Opportunity/Disability/Veterans If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process. MetLife maintains a drug-free workplace.