MetLife

The Team You Will Join

Internal Audit (IA) is an independent global organization that plays an important role in partnering with the business to ensure that management anticipates, recognizes, and appropriately manages risks. We protect MetLife and our stakeholders through meaningful independent assurance and advice, while advocating for risk management and internal controls.

The Opportunity

We’re looking for an experienced Senior IT Auditor that’s excited to be part of a dynamic and highly collaborative team. Someone that is comfortable sharing their ideas and is passionate about building client relationships and delivering high quality impactful results to stakeholders.

Audit reviews may be conducted in specialized areas, such as cybersecurity, IT risk management, enterprise architecture, applications, infrastructure, and vendor management, requiring specific knowledge pertaining to the areas, policies or regulations being audited.

How You’ll Help Us Build a Confident Future (Key Responsibilities)

Auditing

• Assist in audit work to assess the soundness, adequacy, compliance with MetLife Policy and use of best practices for MetLife IT processes, risks and controls.
• Be aware of and understand the IT audit universe at a high level and how the audit projects align with and impact the risk assessments. 
• Efficiently execute and document audit and issue remediation testing and document findings in the audit system.
• Prepare audit deliverables that meet departmental and professional standards of quality.
• Develop experience and auditing skills to cover a broad range of risks, including IT and business processes, technology, and data.

Project Management

• Participate in projects, completing assigned tasks and responsibilities within budget and agreed timelines.
• Communicate timely and appropriately with identified stakeholders within IA and business management. Exercise quick escalation to resolve project barriers and challenges. 

Relationship Management

• Interface with auditees to request and organize evidence during audit work and track follow ups and outstanding/unresolved items.
• Consult with clients in developing action plans to resolve control issues or risks.
• Maintain a positive working relationship with fellow auditors and auditees, sustaining ongoing relationships with key business contacts.

What You Need to Succeed (Required Qualifications)

• 2-4 years IT internal or external audit experience, or equivalent IT Governance, Risk and Compliance (GRC) area.
• Strong written and verbal communications skills, including listening and interviewing skills.
• Possesses intermediate understanding of: IT general controls (e.g., security, change management, disaster recovery & backup, infrastructure, etc.); SDLC/Agile methodologies, cybersecurity, and cloud.
• Possesses fundamental understanding of operating system and database platforms (e.g., mainframe, Active Directory, Windows, Linux, Oracle, etc.); network architecture; IT governance processes; IT risk management and assessment processes. 
• Possesses intermediate understanding of auditing practices including risk assessment, performing walkthroughs, sampling and testing methodologies, and analysis of results for potential exceptions/issues. 

What Can Give You an Edge (Additional Skills)

• Bachelor’s degree 
• Financial service industry experience 
• Working toward or willing to work toward CISA, CIA, or CISSP certification
• 1-2 years Information Security, Network/Cybersecurity, or equivalent IT/Network Management experience
• Demonstrated success and abilities in the following: 
• Leverage access to data and analytics tools to analyze populations of data of moderate complexity. Assess the results of analytics performed to draw control conclusions and areas of risk requiring additional research. 
• Both perform tests of controls independently or provide oversight over a junior staff in the production of high quality workpapers within the timelines provided.
• Possesses intermediate understanding of multiple frameworks such as IIA, COBIT, NIST, SOX, and PCI DSS v3.