17 days old

IT Risk & Security Analyst

Cary, NC
**Job Location:** United States : North Carolina : Cary

**Role Value Proposition:**

This position is primarily responsible for ownership of the IT Security Policy program. Under limited supervision, performs all procedures asked and executes on owned strategic activities to ensure that information assets, technology and intellectual property are adequately protected. The role requires strong IT Security control framework subject matter expertise and the ability to influence process changes. This role partners with business areas, IT teams, Privacy Office, legal, and other areas to ensure policies, standards and procedures are in place to meet compliance requirements. The role will be responsible for the following activities within the global MetLife IT Risk and Security department:

+ Serve as the IT Security Policy program owner, including all planning and execution related program activities

+ Coordinate all development, changes and recertification of global IT security policies, standards, and procedures

+ Must demonstrate understanding of enterprise security and general computer control best practices

+ Coordinate compliance initiatives with IT Risk & Security, Application Development, Engineering, Architecture and Business Units

+ Provide subject matter expertise regarding SOX, HIPAA and other controls to global business and IT constituents

+ Possess knowledge of eGRC framework design and development

**Primary Responsibilities**

+ Executes strategy, supports and maintains IT security policy program including policy lifecycle process

+ Assists with implementation of security compliance initiatives and security awareness programs

+ Supports management in the enforcement of security policies, standards and procedures

+ Identify and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

+ Assists in the risk evaluations of service providers arrangements in support of security policy and awareness programs

+ Prepares status reports to develop security risk analysis scenarios and response procedures

+ Collects, evaluates and maintains data concerning risks, audit issue tracking and mitigation strategies

+ Assists with preparation of key metrics for reporting compliance with governmental laws or regulations

**Required Qualifications**

+ 3+ years of IT audit, security,

+ 2+ years of experience, knowledge of RSA Archer Enterprise Governance, Risk, and Compliance (eGRC) platform

+ Understanding of information security concepts

+ Good analytical ability and project management skills

+ Strong interpersonal and communication skills

+ Experience communicating with Leadership

+ Strong communications skills, both written and verbal

**Preferred Qualifications**

+ 3+ years of IT audit, security, risk, audit, or compliance related work experience

+ 2+ years of experience and requisite knowledge of RSA Archer Enterprise Governance, Risk, and Compliance (eGRC) platform

+ Certifications desired and/or planning on working toward security, audit, or compliance certifications such as CISA, GSE, SANS, SOX or CISSP

**Required Education**

+ Bachelors degree or equivalent experience in Computer Science, Information Systems or related field

**At MetLife, were leading the global transformation of an industry weve long defined. United in purpose, diverse in perspective, were dedicated to making a difference in the lives of our customers.**

MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

**For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.**

Requisition #: 85324


  • Engineering
  • Information Technology
  • Legal

Share this job:

IT Risk & Security Analyst

Cary, NC

Share this job

IT Risk & Security Analyst

Cary, NC

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast