Director - IT Policy, PRC & Customer Advisory

Date Posted: May 29, 2019

Location: Cary, NC, US, 27513

Company: MetLife

Job Location: United States : North Carolina : Cary  


Role Value Proposition: 

The Director of IT Risk & Customer Advisory directs, manages, and plans all activities associated with running a team within the IT Risk & Security function. The Director recommends and implements tactical and strategic direction for security advisory activities, and provides security consulting, analysis, and support for security infrastructure changes, changes to the regulatory environment, compliance monitoring, strategic direction, customer assurance audits and/or other third-party reviews, including regulatory assessments. This position manages a team to support business and IT constituents in:

  • Responding to customer and regulatory requests
  • Coordinating NYDFS Cybersecurity compliance and NAIC model law alignment
  • Translating IT security policies, control frameworks, and contractual obligations into business requirements
  • Providing guidance and expertise on information security controls & best practices
  • Partnering with business areas, IT teams, privacy office, legal and other areas to ensure policy and minimum security requirements are represented accurately to customers and regulators
  • Managing critical processes with high visibility to senior management
  • Supporting Federal and State Exams where IT Security input is required and reporting out to regulatory agencies on Cybersecurity regulatory compliance when applicable
  • Evaluating and aligning new state and/or federal cybersecurity regulatory requirements to policies and controls


Primary Responsibilities

  • Coordinate customer security questionnaires and ad hoc inquiries, site visits, and contract security language
  • Provide subject matter expertise and direction on customer, regulatory, and industry information security requirements to ensure appropriate controls are implemented in the environment. Relevant security control frameworks and guidance include, but are not limited to, NIST (800-53, CyberSecurity), HIPAA, Privacy, ISO, and SSAE-18 SOC1 & SOC2.
  • Coordinate and support inbound state regulatory inquiries and exams. Support Internal and External Audits as necessary.
  • Demonstrates advanced understanding of business processes, internal control risk management, IT controls and related security standards
  • Implements key compliance metrics to identify and report progress and pivot strategy as needed to achieve desired outcomes


Supervisory Responsibilities

  • Full people management responsibility, including hiring, firing, promotions, performance and compensation, and training and development
  • Attracts and develops talent to enhance the team’s effectiveness
  • Assists in retention of professionals


Required Qualifications

  • 7-10 years’ experience in IT security, audit, compliance, and/or IT disaster recovery required
  • 3-4 years direct experience managing security, auditing, compliance projects and/or processes
  • 3-4 years supervisory experience
  • A high degree of knowledge in IT Security and controls and strong regulatory compliance background
  • Strong technical IT background, understanding of application and network architecture


Preferred Qualifications

  • IT Security Governance and Control Framework experience such as ISO27002, COBIT, NIST, PCI, etc. desired
  • Experience with compliance requirements for HIPAA, PCI, SOX, Tricare, etc. desired
  • Professional certification, such as CISA, CISM, GSE, SANS or CISSP, strongly preferred
  • Must have strong analytical skills, ability to assess security architecture designs independently


Required Education

Bachelor’s degree in Computer Science or related field required; advanced degree and/or relevant certifications preferred



At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.



MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

Requisition #: 109630 

Nearest Major Market: Raleigh