Team Leader – Technology Services 60 views

Job Description – Asst. Manager – IT Risk and Security

Position Title:

Asst. Manager – IT Risk and Security

Function, Responsibility Level: Operations Manager (IC)

Reports to (Responsibility Level):

Unit Manager/ Manager – Operations

Supervises: NA [Individual Contributor]


MetLife GOSC


Global Grade:

10 M

Cost Center (85 series):


PID/s Load Mapping:

Position Summary

The IT audit coordinator will work with various groups across the IT organization and serve as a facilitator to enable timely completion of audits performed by internal and external auditors. The IT audit coordinator works with Internal and external auditors and process / control owners. This person will be the point person in key audit related activities such as audit planning, communication of the controls and audit objectives, schedule and attend meetings, track evidence requests and remediation activities to support various audit related activities. The IT audit coordinator will be responsible for timely and accurate updates to management.

Essential job functions and responsibilities:

  • Support the tracking of audits, schedule audit follow-up, and central storing of audit reports and artefacts.
  • Attend walkthrough, Information Provided by Entity, testing and reporting meetings for various audit engagements
  • Lead metrics-based tracking to measure effectiveness and efficiency of accomplishing various audit objectives
  • Actively work on Process, Risk and Controls framework
  • Work closely with the Archer risk findings team on risk related to audit issues
  • Review and upload audit requests, submission, correspondence, findings and results
  • Perform evidence reviews prior to delivering to auditors
  • Work closely with the project manager and provide regular updates on various audit meetings and sessions
  • Work with the audit issue management team to gather updates on audit issue remediation, assess Management Action Plan, report status of issues
  • Partner closely with IT Risk and Security organization stakeholders on audit controls testing, implementation of controls to address audit gaps, documentation of management action plans as response to audit reports etc

Knowledge, Skills and Abilities


  • A Bachelor’s degree from an accredited college or university with major course work in IT, Security or a closely related field.


  • 6 to 8 plus years of total experience and at least 4 to 5 years of experience in IT risk and compliance, internal audit or IT risk advisory with a strong understanding of audit processes and engagements
  • Experience with IT process, risk and controls framework and IT General Controls (ITGC)
  • Solid understanding of IT auditing procedures and techniques
  • Working knowledge in at least one of the Governance, Risk and Compliance (GRC) tools such as OpenPages (preferred), RSA Archer, RSAM, SAP GRC, Risk Connect, ACL etc.
  • Working knowledge of Sarbanes-Oxley, SSAE18 SOC 1 and SOC2 requirements.
  • Experience with industry standard Information Technology Control Policies and Standards frameworks including COBIT, NIST and ISO is preferred
  • Independently plan, organize and direct an audit program under minimal supervision

Knowledge and skills (general and technical)

  • Excellent interpersonal, verbal, and written communication skills, including experience in making presentations to senior management and technical subject matter experts
  • Ability to conducting training sessions on various IT audit topics
  • Experience with Microsoft based applications such as Excel and SharePoint. Advanced excel skills such as VLOOKUP, Pivot tables and macros, is desirable
  • Ability to work effectively with multiple levels of management and collaborate to improve promote partnership. Establish and maintain effective working relationships with process and control owners
  • Must process problem solving, planning, and analytical skills to drive continuous improvements
  • Flexibility in working hours and handling escalation and pressure situations
  • Excellent inter-personal skills with the ability to coordinate cross functionally

Other Requirements (licenses, certifications, specialized training – if required)

Working Relationships

Internal Contacts

(and purpose of relationship):

  • All Internal GOSC Stake Holders

External Contacts

(and purpose of relationship) – If Applicable

  • Stateside Client/ Engineers from different regional Security teams (Such as Country/Regional Head for Monitoring/Containment)

More Information

Only candidates can apply for this job.
Share this job
Company Information
  • Total Jobs 20 Jobs
  • Location INDIA

Contact Us