Head of Cyber Governance, Risk

3 days ago


Boston, United States MassMutual Full time

Overview:

We are seeking an experienced and strategic leader to join our organization as the Head of Cyber Third Party and Risk Management. In this critical role, you will be responsible for overseeing and enhancing our third-party cyber risk management program, governance, security awareness and training, and ensuring the security of our business information assets. You will lead efforts to assess, mitigate, and monitor risks associated with third-party vendors and drive information security risk management across MassMutual’s critical business units/entities.

Key Responsibilities:

Leadership and Strategy: Develop and execute a comprehensive third-party risk management strategy aligned with organizational objectives, regulatory requirements, and industry best practices. Define and implement cyber security strategies, policies, and standards to protect company assets and data.

Third-Party Risk Management: Lead the assessment and ongoing monitoring of third-party vendors and partners to identify potential risks and vulnerabilities. Establish risk assessment frameworks, methodologies, and scoring models to evaluate the security posture of third parties.

Vendor Due Diligence and Contract Management: Implement robust due diligence processes for assessing the security capabilities of prospective vendors and partners. Collaborate with legal and procurement teams to incorporate security requirements into vendor contracts and agreements.

Risk Mitigation and Remediation: Develop and oversee the implementation of risk mitigation strategies and controls to address identified vulnerabilities and risks with third parties. Monitor and track remediation efforts to ensure timely resolution of security issues impacting third-party relationships.

Cyber Security Governance: Develop and enforce cyber security policies, standards, and guidelines across the organization. Ensure compliance with regulatory requirements and industry standards (e.g., ISO 27001, NIST CSF) related to information security.

Security Awareness and Training: Establish a world-class enterprise cyber security awareness and training program. Develop relevant metrics to measure the efficiency and effectiveness of the security awareness and training program, facilitate appropriate resource allocation, and increase the maturity of the program.

Cross-Functional Collaboration: Collaborate with internal stakeholders including IT, law, compliance, privacy, procurement, and senior leadership to integrate third-party risk management and information security into business processes. Communicate security risks and recommendations to senior management, advocating for necessary investments and resources.

Required Skills and Qualifications:

  • Bachelor’s degree in Computer Science, Information Technology, Business Administration, or related field; advanced degree preferred.
  • Proven experience (8+ years) in third-party risk management, information security, or related cybersecurity roles, with at least 5 years in a leadership capacity.
  • Deep understanding of third-party risk management frameworks (e.g., NIST SP 800-161, ISO 27001), regulatory requirements, and industry standards.
  • Strong knowledge of information security principles, practices, and technologies, including data protection, encryption, access control, and identity management.
  • Excellent leadership and people management skills, with the ability to lead and mentor a diverse team of professionals.
  • Experience working with business process reengineering and IT solutioning; experience working on project teams bringing together both business & technology.
  • Capable of explaining technical concepts to a non-technical audience.
  • Effective communication skills, with the ability to articulate complex security concepts to non-technical stakeholders and influence decision-making at all levels.

Preferred Qualifications:

  • Industry certifications such as CISSP, CISM, CRISC, or related certifications in risk management and cybersecurity.
  • Experience in financial services, healthcare, or other regulated industries with stringent security and privacy requirements.
  • Familiarity with emerging technologies and trends in cybersecurity, such as cloud security, IoT security, and DevSecOps practices.

MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.

If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.



  • Boston, New York, United States MassMutual Full time

    Job Description Overview: We are seeking an experienced and strategic leader to join our organization as the Head of Cyber Third Party and Risk Management. In this critical role, you will be responsible for overseeing and enhancing our third-party cyber risk management program, governance, security awareness and training, and ensuring the security of our...

  • Head of Risk

    2 months ago


    Boston, United States Geode Capital Management Full time

    Reporting to the Chief Operating Officer, the Head of Risk is responsible for leading the risk management function for Geode Capital Management, LLC. This role involves identifying, assessing, monitoring, managing, mitigating, and reporting of relevant risks in a structured, coordinated and consistent manner. The Head of Risk will design, develop, refine,...


  • Boston, United States Talent Groups Full time

    Position Overview: The client is actively hiring a Governance, Risk, and Compliance (GRC) Analyst! Join a great team of cyber security professionals and help us deliver our mission – which is to protect the confidentiality, integrity, and availability of digital information and systems. GRC is a key pillar of the Information Security program, responsible for...


  • Offer Director

    4 weeks ago


    Boston, United States Boston Consulting Group Full time

    WHAT YOU'LL DO The Technology and Digital Advantage (TDA) Practice provides strategic, transformational, and technical offerings. Across industries, we bring together experts in strategy, architecture, cybersecurity, next gen ERP and more to drive end to end transformation. Our teams are galvanized to unlock potential, at speed and with lasting impact — on...

  • Offer Director

    3 days ago


    Boston, United States Boston Consulting Group Full time

    WHAT YOU'LL DO The Technology and Digital Advantage (TDA) Practice provides strategic, transformational, and technical offerings. Across industries, we bring together experts in strategy, architecture, cybersecurity, next gen ERP and more to drive end to end transformation. Our teams are galvanized to unlock potential, at speed and with lasting impact — on...

  • Offer Director

    3 weeks ago


    Boston, United States Boston Consulting Group Full time

    WHAT YOU'LL DO The Technology and Digital Advantage (TDA) Practice provides strategic, transformational, and technical offerings. Across industries, we bring together experts in strategy, architecture, cybersecurity, next gen ERP and more to drive end to end transformation. Our teams are galvanized to unlock potential, at speed and with lasting impact —...

  • Offer Director

    4 weeks ago


    Boston, MA, United States Boston Consulting Group Full time

    WHAT YOU'LL DO The Technology and Digital Advantage (TDA) Practice provides strategic, transformational, and technical offerings. Across industries, we bring together experts in strategy, architecture, cybersecurity, next gen ERP and more to drive end to end transformation. Our teams are galvanized to unlock potential, at speed and with lasting impact — on...


  • Boston, United States State Street Corporation Full time

    Who we are looking for We are looking for a highly skilled and experienced Cyber Audit, Vice President to join our Cybersecurity Audit Team. To succeed in this role, you need to have a deep understanding of cyber risks processes, controls, industry standards, and should have a strong knowledge of NIST, MITRE, and Defense in Depth concepts. You will be...


  • Boston, United States RightWorks Staffing Full time

    The GRC Analyst will be responsible for supporting the development, implementation, and maintenance of the firm's governance, risk management, and compliance program. The ideal candidate will have a strong understanding of regulatory requirements, risk management frameworks, and information security. They will have experience performing third-party risk...


  • Boston, United States State Street Corporation Full time

    Who we are looking for State Street seeks to recruit a Technology Controls Assurance Program leader to enable the transformation of the Technology estate across the enterprise to adopt a revamped controls assurance program to ensure installing of the right level of standards and policies. This candidate should be a proven global leader who has experience...


  • Boston, United States Compu-Vision Consulting Full time

    Job title: Cyber Security Operations Analyst Duration: 10 months (may be renewed in FY26) Location: Boston, MA (Hybrid) Work hours: 37.5 hr/week The Client is actively hiring a Cyber Security Operations Analyst! Join a great team of cyber security professionals and help us deliver our mission - which is to protect the confidentiality, integrity, and...


  • Boston, United States Comprehensive Resources INC Full time

    Client: The Massachusetts Department of Transportation (MassDOT) Role: Cyber Security Operations Analyst Duration: 10 Months (Possible Extension) Location: 10 Park Plaza 8th floor Boston MA 02116 Work Schedule: Hybrid Interview type: InPerson Interview POSITION DESCRIPTION: The Massachusetts Department of Transportation (MassDOT) is actively...


  • Boston, United States TalentBurst Full time

    Title: Cyber Security Operations Analyst Location: Boston, MA (Hybrid) Duration: Multi Year Renewable Contract Hours: 37.5 Weekly hours Overview: Client is actively hiring a Cyber Security Operations Analyst! Join a great team of cyber security professionals and help us deliver our mission - which is to protect the confidentiality, integrity, and...

  • Head of Vulnerability

    2 weeks ago


    Boston, United States MassMutual Full time

    Overview: We are seeking a highly skilled and strategic leader to join our organization as the Head of Vulnerability & Business Information Risk Management. In this role, you will be responsible for overseeing and enhancing our vulnerability management program and application security practices. You will lead a team of experts to identify, assess, prioritize,...


  • Boston, United States MASSMUTUAL Full time

    Overview: We are seeking a highly skilled and strategic leader to join our organization as the Head of Vulnerability & Business Information Risk Management. In this role, you will be responsible for overseeing and enhancing our vulnerability management program and application security practices. You will lead a team of experts to identify, assess,...


  • Boston, United States Trillium Staffing Full time

    Trillium Professional is now seeking a Cyber Security Operations Analyst in Boston! The Cyber Security Operations Analyst role will be a member of a 4-person team, reporting to the Director of Cyber Security Operations, and will work closely with the Chief Information Security Officer (CISO). The ideal candidate is a self-starter with a passion for cyber...