Mutual Opportunities
Head of Cyber Third Party and Risk Management
Boston, Massachusetts; Springfield, Massachusetts; New York, New YorkThank you to our employees for voting us one of the top places to work in Massachusetts for five consecutive years!
Overview
A career with us means you’ll work alongside exceptional people and be empowered to reach your professional and personal goals. Our employees are at the foundation of what enables MassMutual to deliver on our purpose to help people secure their futures and protect the ones they love.
We embrace the idea that we all are stronger and better through our support for one another. We strive to create a culture where employees feel valued and are celebrated for who they are.
Job Description
Overview:
We are seeking an experienced and strategic leader to join our organization as the Head of Cyber Third Party and Risk Management. In this critical role, you will be responsible for overseeing and enhancing our third-party cyber risk management program, governance, security awareness and training, and ensuring the security of our business information assets. You will lead efforts to assess, mitigate, and monitor risks associated with third-party vendors and drive information security risk management across MassMutual’s critical business units / entities.
Key Responsibilities:
- Leadership and Strategy:
- Develop and execute a comprehensive third-party risk management strategy aligned with organizational objectives, regulatory requirements, and industry best practices.
- Define and implement cyber security strategies, policies, and standards to protect company assets and data.
- Third-Party Risk Management:
- Lead the assessment and ongoing monitoring of third-party vendors and partners to identify potential risks and vulnerabilities.
- Establish risk assessment frameworks, methodologies, and scoring models to evaluate the security posture of third parties.
- Vendor Due Diligence and Contract Management:
- Implement robust due diligence processes for assessing the security capabilities of prospective vendors and partners.
- Collaborate with legal and procurement teams to incorporate security requirements into vendor contracts and agreements.
- Risk Mitigation and Remediation:
- Develop and oversee the implementation of risk mitigation strategies and controls to address identified vulnerabilities and risks with third parties.
- Monitor and track remediation efforts to ensure timely resolution of security issues impacting third-party relationships.
- Cyber Security Governance:
- Develop and enforce cyber security policies, standards, and guidelines across the organization.
- Ensure compliance with regulatory requirements and industry standards (e.g., ISO 27001, NIST CsF) related to information security.
- Security Awareness and Training:
- Establish a world class enterprise cyber security awareness and training program.
- Develop relevant metrics to measure the efficiency and effectiveness of the security awareness and training program, facilitate appropriate resource allocation, and increase the maturity of the program.
- Cross-Functional Collaboration:
- Collaborate with internal stakeholders including IT, law, compliance, privacy procurement, and senior leadership to integrate third-party risk management and information security into business processes.
- Communicate security risks and recommendations to senior management, advocating for necessary investments and resources.
Required Skills and Qualifications:
- Bachelor’s degree in computer science, Information Technology, Business Administration, or related field; advanced degree preferred.
- Proven experience (8+ years) in third-party risk management, information security, or related cybersecurity roles, with at least 5 years in a leadership capacity.
- Deep understanding of third-party risk management frameworks (e.g., NIST SP 800-161, ISO 27001), regulatory requirements, and industry standards.
- Strong knowledge of information security principles, practices, and technologies, including data protection, encryption, access control, and identity management.
Excellent leadership and people management skills, with the ability to lead and mentor a diverse team of professionals.
- Experience working with business process reengineering and IT solutioning; experience working on project teams bringing together both business & technology. Capable of explaining technical concepts to a non-technical audience.
- Effective communication skills, with the ability to articulate complex security concepts to non-technical stakeholders and influence decision-making at all levels.
Preferred Qualifications:
- Industry certifications such as CISSP, CISM, CRISC, or related certifications in risk management and cybersecurity.
- Experience in financial services, healthcare, or other regulated industries with stringent security and privacy requirements.
- Familiarity with emerging technologies and trends in cybersecurity, such as cloud security, IoT security, and DevSecOps practices.
#LI-MC1
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
MassMutual will accept applications on an ongoing basis until such time as a candidate has been offered employment.
Salary Range: $189,900.00-$249,200.00
Hiring Process
Explore
Explore our open jobs by clicking 'search jobs' to find a position that aligns with your experience and skills. You may also consider joining our Talent Network.
Apply
Click the “apply” button on that job posting to complete and submit your application. Your application will be reviewed by a recruiter, which, due to the volume of applications received, may take some time as we carefully consider each application.
Screen
After your application has been reviewed, if you meet the qualifications for the role, a recruiter will reach out to you to start a conversation.
Interview
If you are invited for an interview, you will be scheduled to meet with the hiring manager and hiring team.
Offer
If you are extended an offer to join MassMutual and accept, your start will be contingent upon a satisfactory background check.
Hire
If you accept the offer, we will be so excited to welcome you to the MassMutual community!
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
By the numbers*
- 88% of employee respondents say they are proud to work at MassMutual
-
90
% of employee respondents say they feel encouraged to bring forth new ideas - 86% of employee respondents say MassMutual cares about and supports the well-being of their employees
*Source: 2024 MassMutual employee engagement survey
Award-Winning Culture
MassMutual is guided by a single purpose: We help people secure their future and protect the ones they love. As a company operated for the benefit of our members and participating policyowners, we are defined by mutuality and our vision to provide financial well-being for all Americans. It’s more than our company structure — it’s our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources and rely on each other when it counts.
We strive to embrace diversity in every sense, focusing on building a thriving community where everyone is valued, included, and feels that they belong.
At MassMutual, we Live Mutual.
How We Work
MassMutual’s flexible workplace approach combines the importance of connecting in person and the flexibility of working remotely. Our hybrid model puts collaboration first with employees coming in at least three days per week to our spectacular campus settings and also enjoying the flexibility of remote Fridays, company-wide remote weeks, and a bank of flexible remote weeks to use throughout the year.
Benefits for the whole you (and your loved ones)
There’s more to your life than your job and there’s more to your aspirations than a paycheck. We take a holistic view of compensation and benefits that provides the flexibility to create a healthy balance in your life for work, family, and community. We offer the benefits you’d expect, like medical, dental, 401(k), and generous vacation time, but we also offer ones you might not expect, like three paid days for volunteering, a $1,250 annual Well-Being Wallet, and up to 320 hours of caregiver leave.
Explore some of our offerings below. Benefit details can be found here.
Why MassMutual?
Kevin
Compliance Consultant
Seth
Service Management Consultant
Kymberly
Head of Experience Journey Mapping
where we work
New Job Openings
Sign up for job alerts
Don't see what you're looking for? Sign up for job alerts and we'll notify you when jobs become available.
Job recruiter fraud is a scam by impostors posing as recruiters or representatives of a company promoting fake job opportunities to job seekers.
MassMutual will never ask job candidates to pay any kind of fee, make cash or check advancements, cash checks or make an investment in any product or service or provide information such as credit card numbers or banking PIN numbers as part of our hiring process.
If you are contacted by anyone asking for information outlined above, it is likely fraudulent. If you have any concerns about the veracity of a request, please contact us to verify its legitimacy.
Share This Job