MetLife

Role Value Proposition

MetLife Japan is seeking a highly skilled and experienced AVP of Information Security Governance, Risk, and Control to lead and manage the organization's information security governance, risk management, and control functions. This role will be responsible for developing and implementing comprehensive security policies, ensuring compliance with regulatory requirements, and managing risks to protect the organization's information assets. The ideal candidate will have a strong background in information security, excellent leadership skills, and the ability to work collaboratively with various departments to ensure the security and integrity of MetLife Japan's information systems. The role will report to Japan Chief Information Security Officer.

Key Responsibilities:

• Governance: Develop and implement information security policies, standards, and procedures to ensure the organization's security posture aligns with industry best practices and regulatory requirements.
• Risk Management: Identify, assess, and manage information security risks, ensuring that appropriate controls are in place to mitigate risks and protect the organization's information assets.
• Compliance: Ensure compliance with relevant laws, regulations, and industry standards, including conducting regular audits and assessments to identify and address any gaps in the organization's security posture.
• Control: Oversee the implementation and maintenance of security controls to protect the organization's information systems and data from unauthorized access, disclosure, alteration, and destruction.
• Third Party Risk Management: Manage risks associated with third-party vendors and partners, ensuring that they adhere to the organization's security policies and standards.
• Continuous Improvement: Drive initiatives to continuously improve the organization's information security governance, risk management, and control processes, ensuring that security measures are up-to-date and effective.
• Stakeholder Management: Work closely with various departments and stakeholders, both locally and globally, to ensure alignment and collaboration on information security initiatives.

Candidate Qualifications:

Education and Language:

Required Experience:

• At least 10 years of experience in cyber security, with a minimum of 5 years in a leadership role.
• Strong knowledge of cyber security frameworks, standards, and best practices.

• Experience with governance, risk management, compliance, and control functions.

• Proven experience in people management, continuous improvement, and automation of key controls.
• Excellent communication and interpersonal skills, with the ability to work effectively with diverse teams and stakeholders.
• Experience working in a global environment and managing stakeholders locally and across the globe.

Preferred Experience:

• Proficiency in tools like project management software, and data visualization tools (e.g., PowerBI).
• Familiarity with regulatory / industry standards (NIST CSF, PCI DSS, FISC)

Language:

Skills and Competencies:

• Competencies 
• Strategic Thinker: Ability to identify long-term trends and opportunities.
• Collaboration Champion: Strong interpersonal skills to foster an inclusive, collaborative culture.
• Results-Oriented: Delivers measurable outcomes through innovation and continuous improvement.
• Change Leadership: Comfortable leading in dynamic environments with evolving priorities.
• People Management: Inspiring, motivating and leading diverse and distributed teams