15 days old

Consultant, IT Risk Governance

Cary, NC
**Job Location:** United States : North Carolina : Cary

**Role Value Proposition:**

This position will be part of the IT Risk Management group in IT Risk & Security, and is responsible for managing the application, infrastructure and control scope for annual audit activities over MetLifes IT services in alignment with the Enterprises IT Process, Risk, and Control (PRC) framework. This role will also be responsible for performing periodic readiness testing to confirm that controls are operating effectively in advance of formal external audit activities. Candidates will be expected to interact with IT leadership and points of contact within IT to monitor control ownership and documentation, as well as extensive coordination with external auditors to ensure successful testing and reporting on a defined timeline. It is expected that this role will own at least one audit complete and is expected to manage that engagement to complete, however they will be working in a larger team of associates performing similar duties on other audits and will have several avenues for support. Candidate will be required to produce regular status updates on all activities to immediate management and may be required to present results on a periodic basis to IT management.

Candidates will need to understand all parts of the typical IT audit process and be prepared to make compelling arguments in areas of scoping, controls design and operating effectiveness. Given the amount of coordination and reporting necessary, ideal candidates will be very organized and capable of working against a project plan with many concurrent workstreams. Communication and presentation skills will be necessary to provide reports to several layers of management and to collaborate with internal and external audit. Experience executing on the first year of an audit report (SOC1/SSAE18 or SOC2) is preferred. Coordination will be necessary with the other IT audits occurring in parallel to this report with the same external auditor. Exceptions identified during testing will require persistent follow-up between reports which will involve teaming with the IT Risk Guidance team.

**Key Responsibilities:**

+ Identify and manage the IT controls required for the audit in alignment with Company IT PRC

+ Maintain formal listing of in-scope systems and infrastructure to ensure proper scoping

+ Perform initial testing of all controls in scope for report on an annual basis

+ Facilitate audit activities to produce the end report annually

+ Report to management on status and results of readiness and formal audit activities

+ Maintain constant contact with control owners to monitor for changes.

+ Support the IT Risk Governance team in implementing a consistent and well documented IT control framework across the enterprise

**Essential Business Experience and Technical Skills:**

+ 4+ years of experience in IT Audit required

+ 2+ years of experience working in IT in Security or IT Risk required

+ Strong verbal and written communication and presentation skills required

+ Prefer experience with industry risk and control standards (ISO, NIST, COBIT, etc.)

+ Prefer Effective project management skills to execute multiple separate work streams at one time

+ Prefer CISA, CPA, and/or CRISC Certification

**At MetLife, were leading the global transformation of an industry weve long defined. United in purpose, diverse in perspective, were dedicated to making a difference in the lives of our customers.**

MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

**For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.**

Requisition #: 88662


  • Accounting
  • Legal

Share this job:

Consultant, IT Risk Governance

Cary, NC

Share this job

Consultant, IT Risk Governance

Cary, NC

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast