IT Risk PCI Specialist

Return to Postings
Posted On:
Closing On:

Job Description:

Job Title: IT Risk PCI Specialist

Location: Cary, NC

Click here to learn more and apply:


Role Value Proposition:

IT Risk Management is a global organization that plays an important role in partnering with the business, IT, operations, and audit to ensure that management anticipates, recognizes, and appropriately manages risks. The Senior IT Risk Consultant has responsibility for the delivery and participation in implementing, managing and enforcing PCI compliance regulations, IT Assurance Testing, IT Audit Support and Facilitation, and other IT Risk Management assignments.


Support activities include the following:

Reviews of Information Technology (IT) Risk and Security processes/practices to ensure compliance with MetLife Policy, use of compliant best practices, procedural efficiency and accuracy;
Coordination and execution of annual PCI compliance assessments.
Participates consultatively in developing issue resolutions to the extent possible.


Key Responsibilities:

Conducts or assists in the conduct of quality assurance testing of the enterprise's operational and information systems' controls.
Participate in the PCI compliance program through the execution (individually or as part of a team) of both internal and external assessments.
Provide Process and Control Owners with feedback on assessments of their processes and controls including recommendations to ensure risks are identified, understood and managed.
Conduct detailed data security assessments including applications, servers, databases, and other network components and associated processes against the PCI DSS standards to identify areas of non-compliance.
Collection and quality assurance of evidence, penetration testing and observations associated with global PCI compliance related activities.

Essential Business Experience and Technical Skills:

3 -5 years experience in IT audit, IT, or IT Risk/Security
Possesses basic to intermediate-level understanding of IT general controls (security, change management, disaster backup recovery, data center, etc.), cybersecurity, privacy, and IT regulatory risks and controls.
Possesses fundamental understanding of PCI DSS framework.
Strong written and verbal communication skills, including listening and interviewing skills.
Earned or working towards CISA, CISSP or CISM certification.



PCI ISA or QSA designation
Possesses experience in IT, Information Security or IT Audit in large, complex organization


At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.

We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected] or call our Employee Relations Department at 1-877-843-3711

MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.

Requisition #: 114648

Preferred Skills:

Powered by JobGrok