Share this Job

Assistant Manager - IT Risk & Security

Date Posted: Sep 23, 2021

Location: Noida, IN, 0

Company: MetLife

Job Description – Asst. Manager – IT Risk and Security

Position Title:

Asst. Manager – IT Risk and Security

Function, Responsibility Level: Operations Manager (IC)

 

 

 

 

Reports to (Responsibility Level):

 

Unit Manager/ Manager – Operations

 

Supervises: NA [Individual Contributor]

Location:

MetLife GOSC

NOIDA

 

Global Grade:

10 M

Cost Center (85 series):

 

Complexity:

 

 

PID/s Load Mapping:

 

Position Summary

 

The IT audit coordinator will work with various groups across the IT organization and serve as a facilitator to enable timely completion of audits performed by internal and external auditors. The IT audit coordinator works with Internal and external auditors and process / control owners. This person will be the point person in key audit related activities such as audit planning, communication of the controls and audit objectives, schedule and attend meetings, track evidence requests and remediation activities to support various audit related activities. The IT audit coordinator will be responsible for timely and accurate updates to management.

 

Essential job functions and responsibilities:

  • Support the tracking of audits, schedule audit follow-up, and central storing of audit reports and artefacts.
  • Attend walkthrough, Information Provided by Entity, testing and reporting meetings for various audit engagements
  • Lead metrics-based tracking to measure effectiveness and efficiency of accomplishing various audit objectives
  • Actively work on Process, Risk and Controls framework
  • Work closely with the Archer risk findings team on risk related to audit issues
  • Review and upload audit requests, submission, correspondence, findings and results
  • Perform evidence reviews prior to delivering to auditors
  • Work closely with the project manager and provide regular updates on various audit meetings and sessions
  • Work with the audit issue management team to gather updates on audit issue remediation, assess Management Action Plan, report status of issues
  • Partner closely with IT Risk and Security organization stakeholders on audit controls testing, implementation of controls to address audit gaps, documentation of management action plans as response to audit reports etc

 

                                                                                                                       

 

Knowledge, Skills and Abilities

 

 

 

Education

 

  • A Bachelor’s degree from an accredited college or university with major course work in IT, Security or a closely related field.

 

 

 

Experience

  • 6 plus to 8 plus years of total experience and at least 5- 6 years of experience in IT risk and compliance, internal audit or IT risk advisory with a strong understanding of audit processes and engagements
  •  Experience with IT process, risk and controls framework and IT General Controls (ITGC)
  • Solid understanding of IT auditing procedures and techniques
  • Working knowledge in at least one of the Governance, Risk and Compliance (GRC) tools such as OpenPages (preferred), RSA Archer, RSAM, SAP GRC, Risk Connect, ACL etc.
  • Working knowledge of Sarbanes-Oxley, SSAE18 SOC 1 and SOC2 requirements.
  • Experience with industry standard Information Technology Control Policies and Standards frameworks including COBIT, NIST and ISO is preferred
  • Independently plan, organize and direct an audit program under minimal supervision

 

 

Knowledge and skills (general and technical)

 

  • Excellent interpersonal, verbal, and written communication skills, including experience in making presentations to senior management and technical subject matter experts
  • Ability to conducting training sessions on various IT audit topics
  • Experience with Microsoft based applications such as Excel and SharePoint. Advanced excel skills such as VLOOKUP, Pivot tables and macros, is desirable
  • Ability to work effectively with multiple levels of management and collaborate to improve promote partnership. Establish and maintain effective working relationships with process and control owners
  • Must process problem solving, planning, and analytical skills to drive continuous improvements
  • Flexibility in working hours and handling escalation and pressure situations
  • Excellent inter-personal skills with the ability to coordinate cross functionally

 

 

 

Other Requirements (licenses, certifications, specialized training – if required)

 

 

 

Working Relationships

 

             

 

MetLife:

 

MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

 

We are ranked #44 on the Fortune 500 list for 2019. In 2019, we were named to the Dow Jones Sustainability Index (DJSI) for the fourth year in a row. DJSI is a global index to track the leading sustainability-driven companies.      

 

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

 

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.