Cyber Risk Quantification Consultant

3 weeks ago


Boston MA, United States Massachusetts Mutual Life Insurance Company Full time

The Opportunity

This role will be accountable for establishing and maintaining a cyber risk quantification methodology and will work closely with key cyber and IT governance teams, including the ETX Governance and Risk team and the Security Intelligence team, to ensure changes to internal controls and the external cyber threat landscape are factored into our cyber risk calculations.

The Team

The Cyber Risk Quantification Consultant sits within MassMutual’s Enterprise Technology Experience (ETX) division, within the Enterprise Cyber Security (ECS) department, and focuses on building our Cyber Risk Quantification efforts to effectively measure and report on changes and contributing factors to MassMutual’s cyber risk level.

The Impact

  • Establish a cyber risk quantification methodology that effectively details inputs, outputs, and measurements for cyber risk at MassMutual.
  • Identify appropriate sources for cyber risk reporting and opportunities for automation of data inputs/outputs.
  • Participate in the maintenance and continuous improvement of the cyber risk register based on knowledge of the business, cyber threat landscape, and National Institute of Standards and Technology (NIST) cybersecurity frameworks.
  • Partner with the ETX Governance & Risk and Security Intelligence teams to ensure results from controls effectiveness testing are captured as part of residual risk calculations and that emerging cyber threats are factored into inherent cyber risk calculations.
  • Utilize IT and cyber risk subject matter expertise, understanding of the financial services industry, and collaboration with peers to properly advise on suitable actions to take to reduce risk.
  • Work with ETX Risk and BISO teams to track open mitigations as part of the cyber risk register and hold business owners accountable for completing risk mitigation activities.
  • Collaborate closely with the Security Intelligence team to understand changes in the cyber threat landscape and determine potential impact to MassMutual’s inherent cyber risk score.
  • Collaborate with second- and third-line control areas including Corporate Audit, Financial Risk Reporting, and Enterprise Risk.
  • Interface with internal team members and key stakeholders to provide accurate visibility into cyber risks, including partnering with Data Science, as needed.
  • Collaborate with members of ECS and other risk areas including Enterprise Risk Management.
  • Communicate and champion the program roles and initiatives.
  • Prepare risk reporting dashboards and recommend/build enhancements to ensure consistent alignment with risk environment changes and updates.
  • Quantify and prepare metrics to demonstrate residual risks, prioritize remediation actions, and/or outline and facilitate criteria for risk acceptance.
  • Work with cyber security function leadership to prepare and report Key Risk Indicator (KRI) data for dashboards and metrics.

Minimum Qualifications

  • Bachelor’s degree
  • 8+ years in Cyber Security, Technology Risk Management, Cyber Security Program Management, or a related field.
  • 1+ year with all aspects of cyber-security risk, including identification, analysis, quantification, and remediation strategies.
  • 1+ year with MITRE ATT&CK and Cyber Kill Chain, including Tactics, Techniques, and Procedures (TTPs)
  • 1+ year with threat modeling or other mechanisms for identifying internal cyber risk.
  • 1+ year of applied knowledge of cybersecurity risk and control frameworks such as NIST CSF, NIST 800-53, CMMC, ISO 27K series, CIS Critical Security Controls, CSA Cloud Control Matrix, etc.

Preferred Qualifications

  • Possession of or willingness to pursue related certifications (CRISC, CCSP, CISSP, etc.)
  • Exceptional relationship management – building and maintaining collaborative partnerships across all levels of an organization.
  • Strong communication skills and ability to influence others.
  • Proven ability to articulate the why and to enable fact-based decision making.
  • Excellence in Execution – Ensuring commitments are met and ensuring key stakeholders are constantly informed of status.
  • Strong leadership qualities and business acumen and an ability to communicate with all levels of the organization.
  • Strong written and verbal communication skills
  • Self-starter who is willing to take on new challenges in response to the changing cyber threat landscape.
  • Excellent written and verbal communication skills.
  • Demonstrated success in guiding and influencing sound cyber risk and security remediation strategies aligned with core business objectives and risk appetite.
  • Ability to deal with the ambiguity associated with working in a fast-paced and changing environment.
  • Experience or knowledge in life insurance and/or financial services products and services.
  • Business acumen experience in key enterprise technology and business areas.

Salary Range: $128,000.00-$168,000.00

At MassMutual, we focus on ensuring fair, equitable pay by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or, in a sales-focused role, a Variable Incentive Compensation component.

Why Join Us

We’ve been around since 1851. During our history, we’ve learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable and ethical business with industry leading pay and benefits. And your voice will always be heard.

We help people secure their future and protect the ones they love. As a company owned by our policyowners, we are defined by mutuality and our vision to put customers first. It’s more than our company structure – it’s our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources, and rely on each other when it counts. At MassMutual, we Live Mutual.

MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.

If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.

For more information about our extensive benefits offerings, please check out our Total Rewards at a Glance.

Summary

Location: Springfield, MA; Boston, MA
Type: Full time


