Consultant, IT Control Advisor

Date Posted: Aug 16, 2019

Location: Cary, NC, US, 27513

Company: MetLife

Job Location: United States : North Carolina : Cary  

 

Role Value Proposition: 

The IT Application Risk Assessment Consultant role will be responsible for the coordination of activities associated with the Global Application Risk Assessment Program within MetLife’s IT Risk and Security Organization.

    

Key Responsibilities:

  • Conduct application risk assessments over all in-scope applications (~3200), including but not limited to: administering risk assessments using Archer; examining responses to determine the extent of risk the relationship represents to MetLife; offering recommendations to MetLife Management on how to respond to any risks; and assisting with generating and closing formal findings.
  • Manage day-to-day operations of (5) GOSC team members based in Noida, India (answering questions, escalating application risk assessment progression, and providing growth opportunities of IT Risk Assessment program).
  • Collaborate with Application Management Services teams, Regional Heads, and Country CIOs internationally to deliver application risk assessment education and training.
  • Research new and developing technologies and standards to help contribute to the continuous improvement of the risk assessment process.
  • Develop and report monthly metrics on the Application Assessment program to management.
  • Act as a subject matter expert in understanding why certain risks are a threat to the company and how compensating or mitigating processes affect that risk.

 

Essential Business Experience and Technical Skills:

Required:

  • 4+ years of IT Security Assessment and/or IT Audit experience to include reading and interpreting the results of audit reports (SSAE16, PCI ROC, etc.), security assessments (penetration tests, vulnerability scans, etc.), and continuity tests (Disaster Recovery, Business Continuity, Security Incident, etc.).
  • Understanding and knowledge of information security standards and laws (e.g., ISO 27001/27002, NIST, FFIEC, etc.), and commonly used concepts, practices and procedures within the information security and privacy field.
  • Bachelor’s degree in Computer Science, MIS, Information Systems, or related discipline.
  • Excellent communication skills, with the ability to write, speak and present to all levels of management.
  • Strong organizational ethic to manage a large volume of competing tasks effectively.
  • Direct experience developing, implementing, and improving technology controls in a corporate environment.

 

Preferred: 

  • Professional certification, such as CISA, CRISC, or CISSP, preferred.
  • Experience working with the Archer eGRC platform.

 

 

 

At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.

 

 

MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.

Requisition #: 110670 


Nearest Major Market: Raleigh