Our Ability Jobs

Job Information

MetLife Director - IT Audit - SOX & IAM in Cary, North Carolina

Role Value Proposition:

Internal Audit is an independent global organization that plays an important role in partnering with the business to ensure management anticipates, recognizes, and appropriately manages risks. The IT SOX Program Manager and Identity and Access Management Lead, Internal Audit, assists the VP of Global Technology Audit in providing leadership, oversight, and advice over the scoping and testing of IT general controls supporting MetLife’s overall SOX program. This role provides leadership over the assessment and consistent testing of identity and access management (IAM) controls across the global MetLife footprint, and assesses controls over MetLife’s enterprise IAM processes and technologies. This role also engages in discussions regarding critical and high IT risks across the three lines of defense and advises line of business management and Risk Management on potential strategies to mitigate these risks.

Key Responsibilities:

  • Support the VP-Global Technology Audit in providing leadership and management of the IT SOX infrastructure team responsible for testing IT general controls and enterprise processes that inform management’s assessment of internal controls over financial reporting.

  • Provide input into management’s and the Internal Controls Department’s scoping of applications, infrastructure, and IT general controls, and provide advice across a variety of IT SOX and SSAE18 topics. This role will also help ICD and other stakeholders draw conclusions regarding control design and operating effectiveness.

  • Lead and manage the Global Technology Internal Audit team’s audit coverage of enterprise identity and access management processes and tools, and US-based change management and IT operations processes and tools.

  • Perform the risk assessment, audit planning, audit execution, issues management, and develop consolidated results for review and reporting to Global Technology and Operations (GTO) leadership, the Internal Controls Department and Internal Audit leadership.

  • Manage relationships with the IT SOX team in the Information Security Organization and Internal Controls Departments, in addition to IAM, change management and operations stakeholders in ISO and infrastructure.

  • Coordinate with Internal Audit teams globally on international coverage for SOX, as well as with MetLife’s external auditor on work performed to enable reliance on IA’s work. Report as a Program Manager on current status frequently, escalating obstacles and potential issues promptly to management, Internal Audit and other stakeholders for assistance in resolving them in a timely manner.

  • Lead and review the design and execution of IA’s detailed testing of controls and analytics over IAM-related processes and controls, including network access testing, privileged access testing, provisioning/re-certification of network, application and infrastructure access, etc.

  • Provide thought leadership on the current state and future direction of IAM-related topics, including zero-trust, role-based access control, vendor and customer IAM governance, processes, and tooling.

  • Maintain an ongoing collaborative relationship with management and assume accountability for client engagement during audit-related work to ensure timeliness and transparency of audit-related results (avoid surprises)

  • Actively manage the Balanced scorecard metrics and ensure they are on par to meet expectations, and, if lagging, demonstrate urgency to resolve and get metrics back on track

  • Lead teams through the entire life cycle of audit-related projects, including day-to-day supervision of staff to deliver on commitments

  • Ensure quality and timely delivery of audit-related projects and issue remediation testing, including performance of overall reviews per methodology. Issue audit reports in compliance with quality standards

  • Lead and model MetLife success principles in project execution

  • Serve as the identity and access management capability leader, including proposing global roadmap for audit coverage using a risk-based approach

  • Provide individual-level project evaluations. Responsible for coaching and mentoring IA staff by providing project-based performance feedback to support performance development plans

Essential Business Experience and Technical Skills:


  • 8+ years of IT audit experience, IT SOX, public accounting and/or IT security experience

  • Proven track record of success as an IT SOX Program Manager, advising finance and IT management on compliance risks, and leading/coaching junior team members on methodology, stakeholder management, and the more technical aspects of IT SOX and IAM reviews.

  • Strong competencies/body of knowledge of IT SOX, identity and access management, privileged access management, vendor/third party risk management and IT governance, having led multiple assessments of an organization’s processes against leading security standards/practices (e.g., NIST, ISO 27001, COBIT, SOX, PCI).

  • Able to demonstrate executive presence, and clearly and frequently communicate potential risks, audit scoping and risk assessments, and audit results succinctly and effectively to executive leadership of the organization.

  • Certified with a CISA, CISM or CISSP designation.

  • Proficient capabilities in the areas of critical thinking, root cause analysis, and written/verbal communications.

  • Bachelor’s degree or equivalent experience required, preferably major in Computer Science, Information Technology or Accounting


  • Proficient experience in the design and/or operation of current/leading IAM tools

  • Training / Certifications in IT Security, SOX, IAM tools

At MetLife, we’re leading the global transformation of an industry we’ve long defined. United in purpose, diverse in perspective, we’re dedicated to making a difference in the lives of our customers.


MetLife, through its subsidiaries and affiliates, is one of the world’s leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.

We are one of the largest institutional investors in the U.S. with $642.4 billion of total assets under management as of March 31, 2021. We are ranked #46 on the Fortune 500 list for 2021. In 2020, we were named to the Dow Jones Sustainability Index (DJSI) for the fifth year in a row. DJSI is a global index to track the leading sustainability-driven companies. We are proud to have been named to Fortune magazine's 2021 list of the "World's Most Admired Companies."

MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.

We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. For further information about how to request a reasonable accommodation, please click on the Disability Accommodations link below.

MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.

MetLife maintains a drug-free workplace.

Requisition #: 120816