Director of IT Audit (108466)
Role Value Proposition:
Internal Audit is an independent global organization that plays an important role in partnering with the business to ensure that management anticipates, recognizes, and appropriately manages risks. The Director of IT Audit assists the VP of Global Technology Audit in driving coverage and engaging in discussions regarding critical and high IT risks across the three lines of defense, and advises line of business management and Risk Management on potential strategies to mitigate these risks. The position also supports transparency in communication and reporting on key IT risks and issues facing the organization to both Risk Management and the Audit Committee, including periodic updates on top risks and issues (e.g., Cybersecurity posture, major programs, IT compliance).
- Support the VP-Global Technology Audit in providing leadership and management of the Internal Audit team responsible for audit coverage of Global Technology (e.g., IT Risk Management including Third Party Risk Management, Enterprise Architecture, Governance, etc.) and certain Shared Services functions (e.g., Corporate Security). This audit coverage includes the risk assessment, audit planning, audit execution, SOX testing, issues management, and reporting of consolidated results to MetLife Global Technology and Operations (GTO) leadership.
- Engage and report on both the audit plan and results of Global Technology activity (globally) within Internal Audit (regional business and IT leads), with the second line of defense, and to management. Provide guidance to and partner with the local, regional, and cross-line of business IT teams in the execution of global and regional audits over technologies, processes and controls.
- Guide the Global Technology Audit team in its role as the IT subject matter experts for IA, by identifying emerging risks, providing insight into current IT risks globally, and providing support in the assessment and reporting of these risks throughout the three lines of defense.
- Build and maintain an effective and competent audit staff via an efficient organization structure, and provide leadership in a manner that motivates, engages and develops individuals and teams to successfully execute plans and drives strong results.
- Enable IA’s vision for the auditor of the future, by providing leadership and oversight into the Internal Audit team’s enhancement of technology audit skills. Drive and support the use of innovative audit techniques and analytics to enhance risk coverage.
- Provide leadership and oversight over the execution of the GT audit plan by ensuring the team embeds quality in the procedures executed, and maintains general compliance with Balanced Scorecard Metrics.
Essential Business Experience and Technical Skills:
- 10-12+ years IT audit experience, public accounting and/or IT security experience preferred.
- Proven track record of success as a technology audit leader, both advising management on current and emerging IT risks, and leading/coaching junior team members on methodology, stakeholder management, and the more technical aspects of IT audit reviews.
- Certified as a CISA, CISM or CISSP designation.
- Strong competencies/body of knowledge of technology, cybersecurity and IT governance and operational processes, having led multiple assessments of an organization’s processes against leading security standards/practices (e.g., ISO 27001, NIST, ITIL, PCI).
- Proficient capabilities in the areas of IT risk management, critical thinking, root cause analysis, and written/verbal communications.
- Bachelor’s degree or equivalent experience, preferably in Computer Science, Information Technology or Accounting