Saltar al contenido
Todas las ciudades
Tokyo
Acuerdo de trabajo
Tiempo completo
Esquema de Trabajo
Híbrido
Asistencia de reubicación disponible
No
Fecha de publicación
17-Mar-2026
ID del trabajo
16103

Descripción y requisitos

担当リクルーター:Yasuhara

Summary of Responsibilities:

The Technology Risk & Control Director leads the IT Risk and Controls function for MetLife Japan. This role is responsible for planning, overseeing, and managing technology risk management frameworks, controls, and compliance strategies to ensure adherence to regulatory requirements, internal policies, and global standards.

 

The role partners closely with Japan IT leadership, Global Risk, Compliance, Internal Audit, and business stakeholders to ensure risks across infrastructure, cyber security, data, applications, and business continuity are effectively identified, managed, and remediated. The position plays a critical leadership role in enabling technology transformation while maintaining strong governance, controls, and operational resilience.

___________________________________________________________________

Principal Responsibilities:

 

Strategic Leadership & Governance

  • Establish and execute the strategic direction for the IT Risk & Controls function across MetLife Japan.
  • Define and implement a comprehensive vision for technology risk management, controls, and governance aligned with global standards.
  • Ensure compliance with local and global regulatory requirements, MetLife policies, and control requirements. 

 

Risk Management & Controls

  • Develop, implement, and continuously improve technology risk management frameworks, standards, and control processes.
  • Lead Non‑Financial Risk Assessment (NFRA) activities, partnering with Operational Risk to define the assessment universe and remediation plans.
  • Identify, manage, and resolve technology risks, control gaps, dependencies, and audit findings.

 

Audit & Issue Management

  • Serve as the primary technology interface with Internal Audit, External Audit, Operational Risk, and Compliance.
  • Coordinate and oversee technology audits, regulatory examinations (e.g. SOX, GAAP), and internal/external control assessments.
  • Own remediation planning, execution, and reporting for technology risk and control issues. Develop programs to proactively assist IT in audit preparation.
  • Partner with IT leadership to facilitate and submit regulatory reporting related to IT.

 

Stakeholder & Partner Management

  • Partner with Japan business leaders, IT leadership, and Global GTO stakeholders to embed risk‑aware decision making.
  • Collaborate with Architecture, Information Security, Infrastructure, and Data teams to proactively manage risks.
  • Manage key vendor relationships to ensure third‑party risk and control obligations are met.

 

Technology Enablement & Ways of Working

  • Enable secure, compliant delivery of technology initiatives and digital transformation programs.
  • Support adoption of Agile ways of working across the software delivery lifecycle while ensuring strong controls.
  • Balance speed, innovation, and risk management in a complex, regulated environment.

 

People & Capability Development

  • Build, develop, and sustain strong technology risk and controls capabilities.
  • Drive upskilling and reskilling aligned with an engineering‑led culture
  • Lead by example in fostering accountability, ownership, and continuous improvement

 

___________________________________________________________________

Knowledge/Skills/Competencies Required:

Education: 

  • Bachelor's Degree in Information Technology, Engineering, Computer Science or a related field or an equivalent combination of education and work experience.

Experience: 

  • 7+ years of experience in Information Technology, Technology Risk, IT Governance, Controls, or related disciplines within financial services or other highly regulated environments.
  • 7+ years of leadership experience overseeing technology risk, controls, governance, or assurance functions at an enterprise or country level.
  • Demonstrated experience leading IT risk and control programs covering infrastructure, applications, cyber security, data, and business continuity.
  • Proven track record of direct engagement with Internal Audit, External Audit, Regulators, and Operational Risk teams, including ownership of audit responses and remediation.
  • Experience operating within global operating models, coordinating with regional and global stakeholders while addressing local regulatory requirements (e.g., JFSA).
  • Hands‑on experience managing third‑party / vendor risk, including oversight of outsourced technology services and SaaS providers.
  • Experience supporting or governing Agile and DevSecOps delivery models while maintaining strong risk and control discipline.
  • Demonstrated ability to influence senior executives and technology leaders without direct line authority.

Preferred Experience

  • Prior experience in insurance, banking, or capital markets environments.
  • Experience supporting regulatory examinations or supervisory reviews related to IT risk, cyber security, or operational resilience.
  • Experience participating in or leading Non‑Financial Risk Assessment (NFRA) or equivalent enterprise risk frameworks.
  • Experience driving technology transformation initiatives (cloud adoption, digital platforms, modernization) with embedded risk controls.

 

Knowledge and skills (general and technical): 

Risk, Controls & Governance

  • Deep understanding of IT risk management frameworks, internal controls, and governance models.
  • Strong knowledge of technology control domains, including: 
  • Cyber security & information security
  • Data protection & privacy
  • Application & infrastructure controls
  • Identity & access management
  • Ability to design and implement risk‑based control strategies that balance regulatory compliance with delivery velocity.

Audit & Regulatory

  • Strong working knowledge of audit methodologies, issue management, and remediation tracking.
  • Ability to translate regulatory and policy requirements into practical, executable control activities.
  • Skilled in preparing executive‑level materials for Audit Committees, Risk Committees, and senior management.

Technology & Delivery

  • Solid understanding of modern technology architectures, including cloud, APIs, data platforms, and SaaS environments.
  • Familiarity with Secure SDLC, DevSecOps, and Agile delivery practices, including control integration into CI/CD pipelines.
  • Ability to assess technology risks across both legacy and modern platforms.

Leadership & Influence

  • Strong management presence with the ability to challenge, influence, and advise senior technology and business leaders.
  • Excellent communication skills, capable of translating complex technical and risk concepts into clear business language.
  • Demonstrated ability to build trust and partnerships across technology, business, risk, compliance, and audit functions.

Language & Communication

  • Business‑level fluency in Japanese and English, both written and verbal, with the ability to engage regulators, auditors, and global stakeholders.

 

Certifications (Relevant / Preferred)

  • One or more: CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control)
  • ITIL v4 (Foundation or higher) 
  • SAFE Agile or equivalent Agile certification 

___________________________________________________________________

 

 

Leadership Competencies

  • Motivates People: Inspires commitment through clear vision, communication, and adaptable leadership styles.
  • Creates Partnerships: Builds trusted relationships across global, diverse, and cross‑functional teams.
  • Grows Talent: Develops and empowers talent to drive engagement, performance, and inclusion.
  • Models Our Values: Demonstrates MetLife values through accountability, integrity, and ownership.
  • Drives Results: Sets ambitious goals and delivers outcomes while leading change and continuous improvement.

 

Benefits We Offer

MetLife Japan offers a comprehensive benefits package that promotes work-life balance and employee wellbeing. Employees can take advantage of flex time policy and a generous time-off policy, national holidays, annual paid leave, special consecutive leave, and refreshment leave. We also provide full social insurance coverage, a commuting expense reimbursement, group insurance, and discounts on travel and English language lessons. To support work flexibility, employees also have hybrid work options, shortened working hours for parents with children in third grade or below, and a casual dress code.
About MetLife

MetLife Inc., through its subsidiaries and affiliates (MetLife), is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help individual and institutional customers build a more confident future. Founded in 1868, MetLife has operations in more than 40 markets globally and holds leading positions in the United States, Asia, Latin America, Europe and the Middle East.
 
MetLife Japan began operations in February 1973 as Japan’s first foreign-owned life insurance company. Our purpose, “Always with you, building a more confident future,” encapsulates our strong commitment to leveraging our global network and best practices worldwide to stand with our customers and build trust with our communities.