IT Security Assurance Consultant

Description and Requirements
Key Responsibilities:

• Provides subject matter expertise, strategic direction, and guidance on customer, regulatory, and industry information security requirements and best practices to ensure appropriate controls are evident in the environment. This includes aligning to security control frameworks and guidance such as but not limited to, NIST (800-53, Cybersecurity), ISO, HIPAA, Privacy, and SSAE-18 SOC1 & SOC2.
• Provides customer assurance by responding to B2B customer security questionnaires, ad hoc inquiries, site visits, contract reviews, and RFPs. Translates security policies, control frameworks, and contractual obligations into business requirements and contract security language.
• Partners with business, Information Technology, Privacy, Legal, and other areas to ensure policy and minimum-security requirements are represented accurately to customers and regulators.
• Coordinates and supports inbound Federal and State regulatory inquiries and exams. Supports Internal and External Audits as necessary.
• Demonstrates advanced understanding of business processes, internal control risk management, IT controls and related security standards.
• Identifies and recommends internal processing and systemic improvements to enhance Customer and Employee experience. Manages critical processes with high visibility to senior management.

Essential Business Experience and Technical Skills:
Required:

• 5 plus years' experience in information security, IT audit, compliance, and/or IT disaster recovery required.
• 3 plus years direct experience managing security, IT audits, compliance projects and/or similar processes.
• A high degree of knowledge in Information Security and controls and strong cyber regulatory compliance background.
• Strong technical IT background, understanding of applications, and network architecture.

Preferred:

• Information Security Governance and Control Framework experience such as NIST, ISO27002, COBIT, PCI, etc.
• Experience with compliance requirements for HIPAA, PCI, SOX, SSAE-18, etc.
• Experience with software applications such as Archer, ServiceNow, and/or Qvidian.
• Professional certification such as CISA, CISM, GSE, SANS or CISSP strongly preferred.
• Must have strong analytical skills, ability to manage and deliver multiple requests.

Benefits We Offer
Our U.S. benefits address holistic well-being with programs for physical and mental health, financial wellness, and support for families. We offer a comprehensive health plan that includes medical/prescription drug and vision, dental insurance, and no-cost short- and long-term disability. We also provide company-paid life insurance and legal services, a retirement pension funded entirely by MetLife and 401(k) with employer matching, group discounts on voluntary insurance products including auto and home, pet, critical illness, hospital indemnity, and accident insurance, as well as Employee Assistance Program (EAP) and digital mental health programs, parental leave, volunteer time off, tuition assistance and much more!
About MetLife
Recognized on Fortune magazine's list of the 2024 "World's Most Admired Companies", Fortune World's 25 Best Workplaces™ for 2024, as well as the 2025 Fortune 100 Best Companies to Work For ®, MetLife , through its subsidiaries and affiliates, is one of the world's leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East.
Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we're inspired to transform the next century in financial services. At MetLife, it's #AllTogetherPossible . Join us!
MetLife is an Equal Opportunity Employer. All employment decisions are made without regards to race, color, national origin, religion, creed, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, marital or domestic/civil partnership status, genetic information, citizenship status (although applicants and employees must be legally authorized to work in the United States), uniformed service member or veteran status, or any other characteristic protected by applicable federal, state, or local law ("protected characteristics").
If you need an accommodation due to a disability, please email us at [email protected]. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.
MetLife maintains a drug-free workplace.
#BI-Hybrid