Head of Cyber Third Party and Risk Management
Boston, Massachusetts; Springfield, Massachusetts; New York, New York
Job ID: R16461
Overview
A career with us means you’ll help our customers secure their future and protect the ones they love. It also means you’ll work alongside exceptional people and be empowered to reach your professional and personal goals. Our employees are at the foundation of what makes MassMutual a strong, stable, and ethical business.
Our culture embodies the idea that we all are stronger and better through our support for one another. By valuing people for who they are, how they think, and what they bring to the table, we’ve become a better, more innovative company.
We invite you to explore the possibilities.
What our employees say
Job Description
Overview:
We are seeking an experienced and strategic leader to join our organization as the Head of Cyber Third Party and Risk Management. In this critical role, you will be responsible for overseeing and enhancing our third-party cyber risk management program, governance, security awareness and training, and ensuring the security of our business information assets. You will lead efforts to assess, mitigate, and monitor risks associated with third-party vendors and drive information security risk management across MassMutual’s critical business units / entities.
Key Responsibilities:
- Leadership and Strategy:
- Develop and execute a comprehensive third-party risk management strategy aligned with organizational objectives, regulatory requirements, and industry best practices.
- Define and implement cyber security strategies, policies, and standards to protect company assets and data.
- Third-Party Risk Management:
- Lead the assessment and ongoing monitoring of third-party vendors and partners to identify potential risks and vulnerabilities.
- Establish risk assessment frameworks, methodologies, and scoring models to evaluate the security posture of third parties.
- Vendor Due Diligence and Contract Management:
- Implement robust due diligence processes for assessing the security capabilities of prospective vendors and partners.
- Collaborate with legal and procurement teams to incorporate security requirements into vendor contracts and agreements.
- Risk Mitigation and Remediation:
- Develop and oversee the implementation of risk mitigation strategies and controls to address identified vulnerabilities and risks with third parties.
- Monitor and track remediation efforts to ensure timely resolution of security issues impacting third-party relationships.
- Cyber Security Governance:
- Develop and enforce cyber security policies, standards, and guidelines across the organization.
- Ensure compliance with regulatory requirements and industry standards (e.g., ISO 27001, NIST CsF) related to information security.
- Security Awareness and Training:
- Establish a world class enterprise cyber security awareness and training program.
- Develop relevant metrics to measure the efficiency and effectiveness of the security awareness and training program, facilitate appropriate resource allocation, and increase the maturity of the program.
- Cross-Functional Collaboration:
- Collaborate with internal stakeholders including IT, law, compliance, privacy procurement, and senior leadership to integrate third-party risk management and information security into business processes.
- Communicate security risks and recommendations to senior management, advocating for necessary investments and resources.
Required Skills and Qualifications:
- Bachelor’s degree in computer science, Information Technology, Business Administration, or related field; advanced degree preferred.
- Proven experience (8+ years) in third-party risk management, information security, or related cybersecurity roles, with at least 5 years in a leadership capacity.
- Deep understanding of third-party risk management frameworks (e.g., NIST SP 800-161, ISO 27001), regulatory requirements, and industry standards.
- Strong knowledge of information security principles, practices, and technologies, including data protection, encryption, access control, and identity management.
Excellent leadership and people management skills, with the ability to lead and mentor a diverse team of professionals.
- Experience working with business process reengineering and IT solutioning; experience working on project teams bringing together both business & technology. Capable of explaining technical concepts to a non-technical audience.
- Effective communication skills, with the ability to articulate complex security concepts to non-technical stakeholders and influence decision-making at all levels.
Preferred Qualifications:
- Industry certifications such as CISSP, CISM, CRISC, or related certifications in risk management and cybersecurity.
- Experience in financial services, healthcare, or other regulated industries with stringent security and privacy requirements.
- Familiarity with emerging technologies and trends in cybersecurity, such as cloud security, IoT security, and DevSecOps practices.
#LI-MC1
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
State and federal laws and regulations, including the Violent Crime Control and Law Enforcement Act, limit employment of individuals with certain criminal backgrounds.
EEO Statement(Opens in new window)MassMutual will accept applications on an ongoing basis until such time as a candidate has been offered employment.
Salary Range: $189,900.00-$249,200.00
Hiring Process
-
Explore
To get started, explore our open jobs by clicking 'search jobs' to find a position that aligns with your experience and skills. You may also consider joining our Talent Network to receive information on jobs that may interest you and stay up-to-date with the latest MassMutual news.
-
Apply
To apply for a specific position, please click the “apply” button on that job posting to complete and submit your application. Your application will be reviewed by a recruiter which, due to the volume of applications received, may take some time as we carefully consider each application.
-
Screen
After your application has been reviewed, if you meet the qualifications for the role, a recruiter will reach out to you to start a conversation.
-
Interview
If you are invited for an interview, you will be scheduled to meet with the hiring manager and hiring team. Coordinating calendars for interview schedules can take time, so your patience and flexibility is appreciated.
-
Offer
If you are extended an offer to join MassMutual and accept, your start will be contingent upon a satisfactory background check.
-
Hire
If you accept the offer, we will be so excited to welcome you to the MassMutual community!
Recruitment Fraud Awareness
Job recruiter fraud is a scam by impostors posing as recruiters or representatives of a company promoting fake job opportunities to job seekers.
MassMutual will never ask job candidates to pay any kind of fee, make cash or check advancements, cash checks or make an investment in any product or service or provide information such as credit card numbers or banking PIN numbers as part of our hiring process.
If you are contacted by anyone asking for information outlined above it is likely fraudulent. If you have any concerns about the veracity of a request, please contact us directly to verify its legitimacy.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
Award-Winning Culture
MassMutual is guided by a single purpose: We help people secure their future and protect the ones they love. As a company operated for the benefit of our members and participating policyowners, we are defined by mutuality and our vision to provide financial well-being for all Americans. It’s more than our company structure—it’s our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources and rely on each other when it counts.
We strive to embrace diversity in every sense, focusing on building a thriving community where everyone is valued, included, and feels that they belong.
At MassMutual, we Live Mutual.
Benefits for the whole you (and your loved ones)
There’s more to your life than your job and there’s more to your aspirations than a paycheck. We take a holistic view of compensation and benefits that provides the flexibility to create a healthy balance in your life for work, family, and community. We offer the benefits you’d expect, like medical, dental, 401(k), and generous vacation time, but we also offer ones you might not expect, like three paid days for volunteering, a $1250 annual wellness wallet, and up to 320 hours of caregiver leave.
Explore some of our offerings below. Full benefits details can be found here.
- In addition to generous vacation time, paid holidays, and flexible holidays, MassMutual offers 'take care' time to take care of yourself or someone you love—whether for physical illness or mental health.
- Medical and dental insurance
- Life, disability short-term and long-term insurance
- Well-being wallet: $1,250 per year for a wide range of qualifying wellness expenses
- Well-being support: Mindfulness, nutrition, fitness
- Personalized mental health solutions
- Adoption and surrogacy reimbursement programs
- Competitive salary and bonuses
- 401(k): Up to 10% total benefit, consisting of a 5% company match and a 5% annual contribution
- Educational assistance program
- Childcare support
- Financial counseling
- Caregiver Leave (up to 320 hours)
- Maternity Leave (a total of 18 weeks, 10 maternity + 8 parental)
- Parental Leave (8 weeks for all parents, birth or adoption, continuous or intermittent)
- Bereavement Leave: Up to 15 days to mourn the loss of a loved one, and you define 'loved one'
- Matching Gift: 100% match on employees’ charitable contributions to non-profits up to $5,000
- Volunteering: Three paid days for employees to volunteer with eligible nonprofits of their choice
- Matching time: MassMutual Foundation awards dollars to organizations for which employees volunteer
- Qualified Commuter Program through which eligible employees can pay qualified workplace commuting expenses with before-tax dollars
- Commuter wallet option for employees based at Boston and NYC campuses
Why MassMutual?
Compliance Consultant
Service Management Consultant
Head of Experience Journey Mapping
How we work
MassMutual’s flexible workplace approach combines the importance of connecting in person and the flexibility of working remotely. Our hybrid model puts collaboration first with employees coming in at least three days per week to our spectacular campus settings and also enjoying the flexibility of remote Fridays, company-wide remote weeks, and a bank of flexible remote weeks to use throughout the year.
Where we work
Springfield Office
1295 State Street,
Springfield, MA
Boston Office
10 Fan Pier Blvd,
Boston, MA
New York Office
2 Park Ave,
New York, NY
Virtual
New Job Openings
-
Head of Vulnerability & Business Information Risk Management Boston, Massachusetts
-
Anaplan, Senior Model Builder Boston, Massachusetts
-
Head of Security Operations Center (SOC) Boston, Massachusetts
-
Accountant – Business Accounting Integration Team Boston, Massachusetts
-
Data Architect Springfield, Massachusetts
-
Technology Lead: Corporate Tech Engineering Boston, Massachusetts
Interested in pursuing a career as a financial professional? Learn how you can build your business and help people secure their future and protect the ones they love.