Strategic leadership role with end-to-end ownership of technology risk, governance, and compliance in a highly regulated environment, offering strong visibility with senior leadership and global stakeholders.
Opportunity to drive digital transformation (cloud, Agile, DevSecOps) while embedding robust risk controls—balancing innovation with security and compliance.
Broad exposure across cybersecurity, infrastructure, data, and third-party risk, along with direct interaction with audit, regulators, and business leaders, enabling significant professional growth and impact.
Annual Salary: 10 million yen and above
Job Description:
The Technology Risk & Control Director leads the IT Risk and Controls function for MetLife Japan. This role is responsible for planning, overseeing, and managing technology risk management frameworks, controls, and compliance strategies to ensure adherence to regulatory requirements, internal policies, and global standards.
The role partners closely with Japan IT leadership, Global Risk, Compliance, Internal Audit, and business stakeholders to ensure risks across infrastructure, cyber security, data, applications, and business continuity are effectively identified, managed, and remediated. The position plays a critical leadership role in enabling technology transformation while maintaining strong governance, controls, and operational resilience.
Job Responsibilities:
Strategic Leadership & Governance
Establish and execute the strategic direction for the IT Risk & Controls function across MetLife Japan.
Define and implement a comprehensive vision for technology risk management, controls, and governance aligned with global standards.
Ensure compliance with local and global regulatory requirements, MetLife policies, and control requirements.
Risk Management & Controls
Develop, implement, and continuously improve technology risk management frameworks, standards, and control processes.
Lead Non‑Financial Risk Assessment (NFRA) activities, partnering with Operational Risk to define the assessment universe and remediation plans.
Identify, manage, and resolve technology risks, control gaps, dependencies, and audit findings.
Audit & Issue Management
Serve as the primary technology interface with Internal Audit, External Audit, Operational Risk, and Compliance.
Coordinate and oversee technology audits, regulatory examinations (e.g. SOX, GAAP), and internal/external control assessments.
Own remediation planning, execution, and reporting for technology risk and control issues. Develop programs to proactively assist IT in audit preparation.
Partner with IT leadership to facilitate and submit regulatory reporting related to IT.
Stakeholder & Partner Management
Partner with Japan business leaders, IT leadership, and Global GTO stakeholders to embed risk‑aware decision making.
Collaborate with Architecture, Information Security, Infrastructure, and Data teams to proactively manage risks.
Manage key vendor relationships to ensure third‑party risk and control obligations are met.
Technology Enablement & Ways of Working
Enable secure, compliant delivery of technology initiatives and digital transformation programs.
Support adoption of Agile ways of working across the software delivery lifecycle while ensuring strong controls.
Balance speed, innovation, and risk management in a complex, regulated environment.
People & Capability Development
Build, develop, and sustain strong technology risk and controls capabilities.
Drive upskilling and reskilling aligned with an engineering‑led culture
Lead by example in fostering accountability, ownership, and continuous improvement
Job Qualification:
7+ years of experience in Information Technology, Technology Risk, IT Governance, Controls, or related disciplines within financial services or other highly regulated environments.
7+ years of leadership experience overseeing technology risk, controls, governance, or assurance functions at an enterprise or country level.
Demonstrated experience leading IT risk and control programs covering infrastructure, applications, cyber security, data, and business continuity.
Proven track record of direct engagement with Internal Audit, External Audit, Regulators, and Operational Risk teams, including ownership of audit responses and remediation.
Experience operating within global operating models, coordinating with regional and global stakeholders while addressing local regulatory requirements (e.g., JFSA).
Hands‑on experience managing third‑party / vendor risk, including oversight of outsourced technology services and SaaS providers.
Experience supporting or governing Agile and DevSecOps delivery models while maintaining strong risk and control discipline.
Demonstrated ability to influence senior executives and technology leaders without direct line authority.
Preferred Qualification:
Prior experience in insurance, banking, or capital markets environments.
Experience supporting regulatory examinations or supervisory reviews related to IT risk, cyber security, or operational resilience.
Experience participating in or leading Non‑Financial Risk Assessment (NFRA) or equivalent enterprise risk frameworks.
Experience driving technology transformation initiatives (cloud adoption, digital platforms, modernization) with embedded risk controls.
Language Proficiency: Business level Japanese (JLPT N2) and Business Level English.
Company Description
Our Client has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe, and the Middle East. We are ranked #43 on the Fortune 500 list for 2018. With over 150 years of experience, the companies offer life, accident and health insurance, retirement, and savings products through agents, third-party distributors such as banks and brokers, and direct marketing channels. Our name is recognized and trusted by approximately 100 million customers worldwide, and we serve more than 90 of the top 100 FORTUNE 500 companies in the United States.