At MetLife, we seek to make a meaningful impact in the lives of our customers and our communities. The Global Technology & Operations Audit group (GTOA) is a diverse team of auditors that ensures proper risk management practices are employed by engineers, developers, business analysts, and project managers. This role will be part of the team that is specifically responsible for providing assurance over Enterprise Infrastructure and Architecture
United States : North Carolina : Cary
Alternate Job Location
Not Applicable : Not Applicable
Overall responsibility for the delivery and participation in audit assignments to ensure that all business and technology risks are anticipated, identified, recognized, and appropriately managed in alignment with the departmental audit plan and initiatives. Audit activities include the following:
- Reviews of business, Information Technology (IT), Financial and Information Technology Risk and Security processes/practices to ensure compliance with MetLife Policy, use of compliant best practices, procedural efficiency and accuracy;
- Contributes to or prepares reports of audit findings for business managers and proposes recommendations for changes as needed; and
- Participates consultatively in developing issue resolutions to the extent possible.
Audit reviews may be conducted in specialized areas, such as IT, insurance, financial products and services, or international operations, requiring specific knowledge pertaining to policies or regulations governing areas being audited.
The Audit Senior is responsible for contributing to reports to and participating in discussions with Senior Management regarding Audit planning, reviews and findings.
Dimensions of Position:
- Experienced and capable of executing audit assignments as part of a team, or independently for less complex or routine activities;
- Proficient in the use of industry and regulatory standards;
- Intermediate understanding of the financial services industry;
- Overall knowledge of MetLife’s businesses and operations;
- Intermediate understanding of certain business and operations of MetLife; and
- Strong written and verbal communications skills, including listening and interviewing skills.
- Role: Participant or leading individual less complex or routine projects;
- May participate in and/or manage projects, completing assigned tasks and responsibilities within budget and agreed timelines (and explaining variances);
- Communicate appropriately with identified stakeholders within IA and business management;
- Intermediate experience in being able to multi-task various ongoing activities and engagements; and
- Tracks and follows up on open issues and key business initiatives.
- May act as the primary client contact; communicates findings and develops resolutions with audit management and business client;
- Consults with clients in developing action plans to resolve control issues or risks; handles the resolution of high risk issues with management; and
- Maintains a positive working relationship with auditees and sustains an ongoing relationship with key business contacts.
- 5+ years IT audit experience, public accounting and financial service industry experience preferred. Experience working in technology or security operations a plus.
- Certified as, or working towards a CIA, CPA, CISA, CISM or CISSP designation.
- Competent knowledge of IT and Information Security operations, policies and procedures.
- Competent knowledge of generally accepted audit standards and Corporate Internal Audit standards.
Intermediate understanding of:
- IT general controls (e.g. security, change management, disaster backup recovery, data center, infrastructure, etc.);
- Systems Development Life Cycle (SDLC) methodology;
- Operating system and database platforms (e.g. mainframe, client/server, Windows, UNIX, AS400, DB2, etc.);
- Networking (e.g., TCP/IP)
- IT governance processes (IT Policies and Standards, ITIL);
- IT Risk Management’s assessment processes (e.g., Security, Vendor, and Risk Assessments);
- IT application control concepts (e.g. application processing controls, system reconciliations, matching, workflows, etc.); and
- Information Security frameworks, such as: ISO 27001, Information Security Forum Standard of Good Practice, and NIST standards; and,
- COBIT principles, Sarbanes-Oxley requirements.
MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.
MetLife maintains a drug-free workplace.
For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.