Description and Requirements
Position Summary
The Specialist role will be responsible for the coordination of activities associated with the Global IT Third Party Risk Management Program within MetLife's IT Risk and Security Organization
- Conduct vendor risk assessments over third party vendors, including but not limited to: determining the scope of the service provided by interacting with MetLife Senior Management; administering risk assessments directly to vendors using our online tool; examining responses to determine the extent of risk the relationship represents to MetLife; offering recommendations to MetLife Management on how to respond to any risks; and generating formal findings.
- Assess and respond to risk findings, including pursuing action plans to completion and negotiating due dates with vendors.
- Perform security assessments of systems, applications, data centers, and service providers using an established framework and tools to evaluate vulnerabilities. Research new and developing technologies and standards to help contribute to the continuous improvement of the risk assessment process.
- Act as a subject matter expert in understanding why certain risks a threat to the company are and how compensating or mitigating processes affect that risk.
- Provide Guidance on IT Security Requirements during Contract negotiation discussions.
Job Responsibilities
- 2 to 4 years of experience into IT risk & security / and/or IT Audit experience to include reading and interpreting the results of audit reports (SSAE18, PCI ROC, etc.), security assessments (penetration tests, vulnerability scans, etc.
- Knowledge of information security standards and laws (e.g., ISO 27001/27002,etc.), and commonly used concepts, practices and procedures within the information security and privacy field
- Bachelor's degree in Computer Science, MIS, Information Systems, or related discipline
- Excellent communication skills and be able to write, speak and present to all levels of management
- Professional certification; such as CISA, CRISC, or CISSP Certifications preferred
- Strong organizational ethic to manage a large volume of competing tasks effectively.
- Direct experience developing, implementing, and improving technology controls in a corporate environment
- Sound concepts of Vendor Assessments and to manage existing work and also for providing value addition to existing work.
- Experience of working in a fast-paced organization that is focused on accountability (must deliver results)
- Experience working with all levels of an organization and be comfortable in presenting, interacting with, and taking direction from Senior Management
Knowledge, Skills and Abilities
Education
- IT Graduate
- Spanish Dele B1 or above
Experience
- 2-4 years of experience into IT risk & security / and/or IT Audit experience
Knowledge and skills (general and technical)
- Exposure to IT Archer Findings
- Exposure to enterprise share-point
- Should have critical skills to perform deep dive analysis and perform investigations on info security risks
- Experience of working with onshore stakeholders and spearhead discussions with different vendors
- Ability to handle critical situations around updating reports, strategies etc.
- Quick learning skills and meet the effort objectives with minimum guidance
- Flexible and adaptability to change
Other Requirements (licenses, certifications, specialized training - if required)
- CISA, CRISC, or CISSP Certifications preferred
Working Relationships
Internal Contacts
(and purpose of relationship):
- Inter Department in Metlife
External Contacts
(and purpose of relationship) - If Applicable
- Metlife Vendors
#BI-Hybrid
Similar Jobs at MetLife
Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
The Actuarial Consultant is responsible for leading projects, creating analyses, overseeing insurance products, managing data, developing strategic plans, and coordinating with various stakeholders to contribute to MetLife's mission.
Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
The Team Leader Operations will handle ADA claims, managing eligibility decisions, reviewing leave plans, performing administrative tasks related to leaves, and ensuring proper documentation. This role involves interacting with various stakeholders to maintain compliance in absence management.
Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
The Unit Manager - PMO will lead cross-functional teams in managing IT and application development projects, overseeing multiple project managers, and ensuring adherence to project management standards. The role involves communication with senior management, financial monitoring, and resource planning, while requiring strong leadership and organizational skills.
Top Skills:
JIRAMicrosoft Project
What you need to know about the Hyderabad Tech Scene
Because of its proximity to leading research institutions and a government committed to the city's growth, Hyderabad's tech scene is booming. With plans to establish India's first "AI city," the city is on track to become one of the world's most anticipated tech hubs, with companies like TransUnion, Schrödinger and Freshworks, among others, already calling the city home.