Head of Cyber Security & Security Operations

Position Overview

Massachusetts Mutual Life Insurance Company (MassMutual) is seeking a dynamic and experienced leader to serve as Head of Cybersecurity Strategy & Operations. This role is a critical member of the cybersecurity leadership team, reporting directly to the CISO, and is responsible for leading the operational execution of the enterprise cybersecurity program. The successful candidate will oversee all aspects of cyber operations, governance, risk and compliance —including the Security Operations Center (SOC), threat intelligence, incident response, and vulnerability management—while also playing a pivotal role in shaping and executing the company’s cybersecurity strategy. This leader will act as a trusted delegate to the CISO, ensuring continuity of leadership and resilience across the cybersecurity function.

Key Responsibilities

Reporting to the CISO, the Head of Cyber SOC & Cyber Strategy + Operations is a critical enterprise leader accountable for the day-to-day resilience of the company’s cyber security operations and long-term cyber security strategy. This role will lead MassMutual’s strategy to safeguard digital assets and sustain policyholder trust by driving proactive threat management, advanced data analytics, and disciplined risk management. This role will implement cutting-edge security controls and continuously adapt them to address the evolving threat landscape to strengthen cyber resiliency while enabling the business. This role will foster a pervasive culture of security awareness across the enterprise, ensuring risk-informed decisions, measurable control effectiveness, and rapid detection and response—so security accelerates innovation and delivers resilient, trustworthy outcomes for our policyholders. This executive owns the global Security Operations Center (SOC), Threat Intelligence, Incident Response, and security operations platforms, while orchestrating the operating model, metrics, and governance for a high-performing cyber program. The role partners deeply with ERM to integrate cyber risk into the enterprise risk framework and routinely engages executive leadership and the Board on posture, risk, and program maturity.

Strategy & Operating Model

• Create, refine, and operationalize the multi-year cybersecurity strategy and roadmap; translate strategy into an executable operating plan, budgets, and measurable outcomes.

• Establish and continuously improve the cyber operating model (first/second line interfaces, decision rights, runbooks, service levels), ensuring alignment with enterprise risk appetite and regulatory expectations.

Security Operations (SOC) & Incident Readiness

• Lead 24×7 global SOC operations (monitoring, detection, triage, response, recovery), integrated with Threat Intel and Incident Response; ensure modern detection engineering and threat-informed defense.

• Own cyber incident response: playbooks, tabletop exercises, and lessons-learned; coordinate with cyber partner organizations and corporate communications, on material events.

Governance, Risk & Compliance

• Integrate cyber risk programs and frameworks (e.g., NIST CSF, FAIR) with the enterprise risk framework; run or contribute to risk councils, steering committees, and regulatory/assurance routines.

• Drive cyber policies, standards, and control health; ensure readiness for regulators, auditors, customers, and partners; partner with ERM on material risk identification and reporting.

Metrics, Reporting & Executive Engagement

• Define and maintain KPIs/KRIs and board-level metrics that reflect risk reduction, operational performance, and program maturity; produce concise, decision-oriented reports for the CISO, ELT, and Board.

Architecture, Engineering & Third Parties

• Partner with Security Architecture/Engineering to ensure controls are designed for cloud and on-prem environments and are instrumented for measurable effectiveness.

• Oversee critical security platforms and vendors (SIEM, EDR, SOAR, threat intel, vulnerability/attack surface management); evaluate providers, negotiate outcomes, and ensure measurable value.

• Collaborate with Procurement/TPRM for third-party cyber risk management and incident coordination with key suppliers.

Culture, Talent & Budget

• Build and lead a high-performing, mission-driven team; set outcomes, develop leaders, design on-call/coverage models, and foster a culture of accountability, speed, and continuous improvement.

• Own budgets for SOC and operations, tying investments to risk reduction and performance outcomes.

• Champion security awareness and partnership across technology and the business. 12-Month Success Measures (Examples)

• Mean Time to Detect/Respond (MTTD/MTTR): ≥30% improvement across priority incident classes.

• Detection Quality: False-positive rate reduced by ≥25%; ≥90% coverage of critical MITRE ATT&CK techniques relevant to our threat model.

• Vulnerability Risk: Critical risk backlog reduced by ≥50%; SLA compliance ≥95% for tier-1 assets.

• Program Maturity: Target state achieved for top 3 control domains (e.g., identity, endpoint, cloud) and ≥1 maturity tier uplift in SOC capability.

• Board/Regulatory Confidence: Clear KRIs established; positive external

assurance outcomes (no high-severity findings).

• Talent & Operating Model: Key leadership roles filled; healthy on-call model;

>85% team engagement/retention.

Required Qualifications

• 12–15+ years of progressive cybersecurity leadership in complex, regulated enterprises; proven accountability for SOC/IR, vulnerability management, and cyber operations.

• Demonstrated success shaping and executing cyber strategy and integrating cyber risk with enterprise risk frameworks; direct Board/ELT engagement experience.

• Depth in threat-informed defense, detection engineering, incident command, and large-scale operations.

• Bachelor’s degree in Information Security, Computer Science, or related field; advanced degree preferred. Relevant credentials (e.g., CISSP, CISM, CRISC) strongly preferred.

Required Certifications

 CISSP (Certified Information Systems Security Professional) Strongly Preferred, CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), GIAC certifications (e.g., GCIA, GCIH, GRID) for SOC/IR expertise, CISA (Certified Information Systems Auditor) for governance and compliance.

#LI-MC1

MassMutual is an equal employment opportunity employer. We welcome all persons to apply.

If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.