Share this Job

Sr IT Risk Governance Specialist

Date Posted: Aug 6, 2019

Location: Cary, NC, US, 27513

Company: MetLife

Job Location: United States : North Carolina : Cary  


Role Value Proposition: 

This position will own and evolve the MetLife IT Process, Risk, and Control (PRC) Framework, the central foundational element from which all risk activities are aligned.  The position will ensure that risk findings, risk reporting, risk assessments, and other risk activities are in alignment to the PRC as well as update, modify, and improve the PRC to reflect changes in the company, the industry, and to align with company strategy.  This role will also interface with Internal Audit and other business stakeholders to facilitate the efficient execution of audits and assessments done within IT.

There is a need from the business to have a consistent and standardize means of reporting and making decisions about IT risk and the PRC provides that touchstone that allows many groups within the enterprise to speak the same language when it comes to IT.  The effective execution of this role will enable global stakeholders to understand how local and regional IT concerns affect them and be able to discuss these concerns with others throughout the enterprise in a way that reduces confusion and increases efficiency.   Communication with senior leadership will be a significant responsibility of this role and the ability to explain potentially complex IT risks in a manner that is understandable to all levels is a necessity.  Additionally, being able to answer direct questions on larger impacts to the organization will be required.  Working collaboratively and effectively with off-shore and contractor resources to accomplish these goals is expected.  Coordination between this role and the IT Risk Guidance and IT Risk Operations groups is essential.


Key Responsibilities:

  • Implement the Process, Risk and Control (PRC) Framework throughout IT
  • Assisting in the facilitation of compliance, external, and internal audit activities
  • Update and maintain the PRC based on input from stakeholders and industry trends
  • Maintain PRC Model within RSA Archer and IBM OpenPages eGRC platforms
  • Research IT risk topics and concerns as they arise to identify a response aligned to PRC and represent IT Risk Management in emerging regulatory and/or compliance discussions


Essential Business Experience and Technical Skills:


  • 8-10 years of experience in IT Security, IT Audit, or IT Risk with a preference for 2+ years experience performing SOX, SSAE18, and/or SOC2 audits or implementing compliance programs such as the NY DFS Cyber law.
  • Experience creating or updating a Process, Risk, and Control Framework in an IT organization with global responsibilities
  • Experience with industry risk and control standards (ISO, NIST, COBIT, etc.)
  • Strong verbal and written communication and presentation skills with the ability to challenge and push back in a productive manner when needed
  • Effective project management skills to execute multiple separate work streams at one time



  • CISA and/or CRISC Certification is preferred




At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.



MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.

Requisition #: 111067 

Nearest Major Market: Raleigh