Role Value Proposition:
We are looking for an experienced IT Risk Management professional to lead various aspects of our IT Risk Governance function. This person will partner with various teams within the global IT Risk & Security departments as well as business leaders to drive risk identification, assessment, quantification, governance and reporting. This person will have a strong background in risk management, exposure to risk analysis and experience producing high-visibility reports. This person must be comfortable communicating with a broad range of both business and IT colleagues, including senior leadership. This person will enable senior management to make data-driven strategic decisions and help mature the IT Risk Management program. Experience with and knowledge of cyber security principles are required. This role will report to the Director of IT Risk Management and will supervise two or more resources.
- Consult with businesses and advise them on remediation strategies to mitigate risk.
- Calculate security investment to develop budgets and drive security strategy to reduce risk.
- Communicate in technical and business terms key risk indicators to Management, Executives, and the Board.
- Advance the design, delivery and performance of IT security, risk and compliance metrics, analytics and reporting.
- Deliver data-driven decision-making solutions, via risk intelligence that is timely, accurate, and actionable.
- Apply risk event data, Key Risk Indicators (KRIs) and model risk & control relationships to support reporting.
- Articulate complex analytical findings into dashboards and reports using advanced visualization tools such as PowerBI.
- Maximize risk reduction by prioritizing risk mitigation initiatives based on impact, likelihood and risk-cost-based benefits.
- Collaborate with various lines of business to support governance committees, sub-committees and business groups and forums.
- Supervise a team of risk assessors and analysts to meet our SLA requirements.
Essential Business Experience and Technical Skills:
- 8+ years of work experience, capabilities and accomplishments directly in IT risk management, risk & control function or IT Security.
- 4+ years of experience mentoring, supervising or leading a team of risk/IT professionals.
- 4+ years of direct or indirect work experience in an advisory capacity serving risk, controls, audit and regulatory compliance functions.
- Experience performing risk analysis and assessment to ensure information completeness, accuracy and appropriate classification.
- Gathering requirements, formulating metrics, and transforming data analysis into tangible reporting products.
- Advanced Microsoft Office product expertise in MS Access and MS Excel including running pivots, macros, index, conditional list etc.
- Strong presentation skills, especially to management and executive audiences.
- Experience managing two or more resources.
- BA/BS in related field
- CISSP, CRISC, CIPP, CISA or other relevant certifications.
- Some experience in RSA Archer (risk findings module).
- Some experience in a regulatory compliance function within the insurance industry or another highly regulated industry.
- Some programming and scripting skills; e.g. Java, SQL, Hadoop, Spark, Python, Ruby, MATLAB, and Unix shell.
IT Risk & Security
Number of Openings: 1
At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.