At MetLife, we seek to make a meaningful impact in the lives of our customers and our communities. The Global Technology & Operations Audit group (GTOA) is a diverse team of auditors that ensures proper risk management practices are employed by engineers, developers, business analysts, and project managers. This role will be part of the team that is specifically responsible for providing assurance over Enterprise Infrastructure and Architecture.
United States : North Carolina : Cary
Alternate Job Location
Not Applicable : Not Applicable
Overall responsibility for the delivery and management of a portfolio of audit assignments to ensure that all business and technology risks are anticipated, identified, recognized, and appropriately managed in alignment with the departmental audit plan and initiatives. Audit activities include the following:
- Performs risk assessments and develops a quarterly audit plan;
- Oversees and delivers audits of business, Information Technology Risk and Information Security processes/practices, and major business/IT projects to ensure compliance with MetLife Policy, use of compliant best practices, procedural efficiency and accuracy in accordance with the audit plan;
- Review or prepares reports of audit findings for business managers and proposes recommendations for changes as needed. Prepares reports for senior management on larger-scale audit assignments
- Participates consultatively in implementing changes to the extent possible;
- Responsible for leading discussions with Senior Management, regarding Audit planning and reviews; and,
- Coaches and develops audit staff.
Audit reviews may be conducted in specialized areas, such as IT, insurance, financial products and services, or international operations, requiring specific knowledge pertaining to policies or regulations governing areas being audited.
Dimensions of Position
- Ensure compliance to MetLife Policy & Procedures, leading practices, procedural efficiency, risk management and accuracy;
- Ensure compliance to regulatory standards and best practice; and;
- Ensure IT compliance to Risk and Security, where applicable to role.
Principal Accountabilities of Position
- Subject matter expert with managerial responsibilities over all aspects of large–scale, most complex, or high profile audits
- May serve as high-level technical expert or lead a team to conduct selected audits, and is accountable for the identification of risks or weaknesses within business unit being reviewed, as well as for developing recommendations
- Assignments are broad, requiring consultation with clients and audit management to develop scope of review, timelines, and deliverables;
- Proficient in the use of industry and regulatory standards;
- Intermediate to advance understanding of the financial services industry;
- Overall knowledge of MetLife’s businesses and operations;
- Intermediate to advanced understanding of certain business and operations of MetLife; and
- Strong written and verbal communications skills, including presenting, listening and interviewing skills.
- Role: Leading multiple projects;
- Communicate appropriately with identified stakeholders within IA and business management;
- Advanced experience in being able to multi-task various ongoing activities and engagements; and
- Tracks and follows up on open issues and key business initiatives.
- Act as the primary client contact; communicates top risks, audit plans, work in progress, and results and develops resolutions with audit management and business client;
- Consults with clients in developing action plans to resolve control issues or risks; handles the resolution of high risk issues with management; and
- Maintains a positive working relationship with auditees and sustains an ongoing relationship with key business contacts.
- Responsibilities include managing people, including supervision and direction to associates on delivering the audit plan and participate in the coaching and performance management process.
- 10-12+ years IT audit experience, public accounting experience preferred.
- Certified as a CISA, CISM or CISSP designation.
- Competent knowledge of IT and Information Security operations, policies and procedures.
- Competent knowledge of generally accepted audit standards and Corporate Internal Audit standards.
- Advance understanding of:
- IT general controls (e.g. security, change management, disaster backup recovery, data center, infrastructure, etc.);
- Systems Development Life Cycle (SDLC) methodology;
- Operating system and database platforms (e.g. mainframe, client/server, Windows, UNIX, AS400, DB2, etc.);
- Networking (e.g., TCP/IP)
- IT governance processes (IT Policies and Standards, ITIL);
- IT Risk Management’s assessment processes (e.g., Security, Vendor, and Risk Assessments);
- IT application control concepts (e.g. application processing controls, system reconciliations, matching, workflows, etc.); and
- Information Security frameworks, such as: ISO 27001, Information Security Forum Standard of Good Practice, and NIST standards; and,
- COBIT principles, Sarbanes-Oxley requirements
- Experience working in technology or security operations a plus.
Number of Openings
MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.
MetLife maintains a drug-free workplace.
For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.
Requisition #: 27442