Internal Audit is an independent global organization that plays an important role in partnering with the business to ensure that management anticipates, recognizes, and appropriately manages risks. We devote our highly skilled staff to those activities of the highest risk taking into account the concerns of management and independent boards. We protect MetLife and our stakeholders through meaningful independent assurance and advice, while advocating for risk management and internal controls. This department is considered as an industry frontrunner in adopting digitalization, Robotics Process Automation (RPA) and AI in its audit practice, and it consists of 300+ employees in global, regional and local audit roles. MetLife Japan IA consists of 50+ auditors across finance, technology, insurance operations, actuarial, data governance and data analytics areas.
The role of the Audit Manager is:
Delivering and managing IT audit assignments to ensure that all IT, business and regulatory risks are anticipated, identified, recognized and appropriately managed in alignment with the departmental audit plan and initiatives.
Applying the MetLife Audit Approach to audit assignments in a professional and effective manner in order to provide management with a fair, objective and technically accurate assessment of their system of internal controls.
Supporting the Audit Director / Assistant Vice Presidents in relation to the delivery of the audit plan and departmental activities.
Understanding and working together with Audit Director or Assistant Vice President’s expectations regarding deliverables and timeframes for IT audit projects on the audit plan.
Drive internal audit efforts to increase overall value to the business.
Provide management with an objective review of risks and controls from an independent view. Remain active with appropriate external professional organizations and keep informed on developments in the field of auditing, industry regulation and insurance practices.
Provide proactive and relevant management reporting of audit activities and results to Audit Director or Assistant Vice President.
Conduct continuous assessment of internal and external IT risks, develop, execute and provide oversight of audit plan covering identified risks, make effective and efficient use of audit resources in line with audit risk methodology.
Manage and execute comprehensive IT audits using department guidelines, knowledge of the business and understanding of controls to provide management with an independent appraisal of the control environment.
Support business audit team in conducting integrated audits and evaluating system application controls.
Review and determine the Business’s compliance with established policies, procedures, laws and regulations, and existing regulatory requirements.
Align Internal Audit process, risk and control activities to support business strategies through process-oriented thinking and end to end view capabilities.
Promote use of Data Analytics within Internal Audit by collaborating with other external / internal departments.
Analyze and assess the impact of audit findings and recommendations on future operating environment. Assess effectiveness of key action plans provided by auditees to resolve control issues or risks.
Delivering high quality reports, which are concise, easy to read and in a timely manner.
Assist in the performance of risk assessments, development and execution of quarterly plan activities.
Attend and participate in management committee meetings as appropriate, feeding relevant information back into the risk assessment process.
Contribute towards IT audit activities with the external auditor.
Lead or participate in team or departmental level projects and initiatives ensuring that goals and target dates are met, and the work product is of high quality.
Achieve goals and execute audit plan in a team environment; be viewed as a valued member of the team; balances multiple responsibilities.
Understanding of project management methodologies and performing project assurance gate reviews.
Tracking and follow-up on open issues.
Act as a primary contact in communicating IT risks, audit plans and audit results to audit management and clients.
Proactively engage with and manage auditees to ensure full understanding of expectations of the audits.
Agreeing all issues with auditees to facilitate completion of final report.
Maintains a positive working relationship with auditees and sustains an ongoing relationship with key business contacts.
Is a ‘trusted advisor’.
Managing people, including supervision and direction to associates on delivering the audit plan, providing effective coaching on career development guidance, and actively engaging in the performance management process. Coaches team and develops audit staff as part of succession planning.
Essential Business Experience and Technical Skills
Bachelor’s degree with preference for major in IT, Business, Economics, Finance, Law or Accounting.
8+ years of hands on IT audit experience.
Strong understanding of Generally Accepted Audit Standards, IIA Standards, risk and controls, audit sampling and testing methodologies, SOX (or J-SOX) requirements, risk management, regulatory reporting.
Good understanding of IT General Controls across platforms (Application, OS, DB) for Change Management, User Access Management, Backup and Recovery Management, Batch Job Management and Problem/Incident Management.
Good understanding of industry standards such as the NIST Cybersecurity Framework, PCI-DSS, API framework, Agile methodologies, data governance, as well as auditing these areas.
Good understanding of cloud governance, architecture, operation, security, compliance frameworks, as well as auditing these areas.
Good understanding of application security testing and OWASP.
Working knowledge of cybersecurity protection solutions, systems architecture, business processes and system risks, operating system and database platforms (OS such as Wintel, AS/400. Unix and Database such as SQL, Oracle, DB2) with understanding of networking concepts and security.
Ability to understand and analyze data to plan and execute audit.
Strong analytical and problem-solving skills.
Strong written and verbal communication skills in Japanese and English.
Big 4 experience and/or internal audit in the financial service industry.
Recognized qualification in CISSP, CISA, CISM or ISO27001 Lead Auditor.
Proficient with data analysis tools and techniques such as Excel/ACL/Tableau/Power BI and other tools.
Demonstrated ability to influence business stakeholders as well as coach audit team members.
The Internal Audit Organization plays an important role in partnering with the business to ensure key risks are anticipated, recognized and appropriately managed.
The Internal Audit Department’s mission is to provide objective assurance and advocate for internal controls, enabling MetLife to manage risk, execute on strategy and to make and keep its promises. Our vision is to be innovative, effective and efficient global leaders in governance, risk and control activities.
Ensure compliance to MetLife Policy & Procedures, leading practices, procedural efficiency, risk management and accuracy.
Ensure compliance to regulatory standard and good practice.
Ensure compliance with SOX and accurate reporting of the Company’s financial position as required.
Protect MetLife and its stakeholders through meaningful independent assurance and advice while advocating for risk management and internal controls.
Other Comments The incumbent must have the ability to motivate an audit team towards common objectives while ensuring business partners recognize the function as objective, value adding and of the highest integrity.
The incumbent must be prepared for minimal travel to ensure there are scheduled on-site visits and visibility to management.
Flextime Policy – MetLife Japan adopts Flextime Policy, with core hours of 11:00 to 14:00.
Dress Code - Dress for the Day; Our “Dress for the Day” policy gives employees the flexibility to adapt clothing to their schedule. Use discretion – dress formally or informally according to the needs of the day.
Certification Support Program - Internal Audit supports annual membership fee for CPA, CIA, CISA, etc.
MetLife Success Principles
Build Tomorrow: We drive change and innovation
Experiment with confidence
Act with urgency
Win Together: We empower each other to succeed
Seek diverse perspectives
Own it: We deliver for our customers, shareholders and each other
Deliver what matters
Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East. We are ranked #43 on the Fortune 500 list for 2018. With over 150 years of experience, the MetLife companies offer life, accident and health insurance, retirement and savings products through agents, third-party distributors such as banks and brokers, and direct marketing channels. Our name is recognized and trusted by approximately 100 million customers worldwide and we serve more than 90 of the top 100 FORTUNE 500® companies in the United States.
MetLife Insurance K.K. (“MetLife Japan”) is a Japan entity with over 40 years of experience, which is 100% owned by MetLife, Inc. based in New York. MetLife Japan is the second largest within the MetLife companies and the 6th largest life insurance company in Japan in terms of revenue.