Head of Cyber Third Party and Risk Management
7 days ago
Overview:
We are seeking an experienced and strategic leader to join our organization as the Head of Cyber Third Party and Risk Management. In this critical role, you will be responsible for overseeing and enhancing our third-party cyber risk management program, governance, security awareness and training, and ensuring the security of our business information assets. You will lead efforts to assess, mitigate, and monitor risks associated with third-party vendors and drive information security risk management across MassMutual’s critical business units / entities.
Key Responsibilities:
Leadership and Strategy:
Develop and execute a comprehensive third-party risk management strategy aligned with organizational objectives, regulatory requirements, and industry best practices.
Define and implement cyber security strategies, policies, and standards to protect company assets and data.
Third-Party Risk Management:
Lead the assessment and ongoing monitoring of third-party vendors and partners to identify potential risks and vulnerabilities.
Establish risk assessment frameworks, methodologies, and scoring models to evaluate the security posture of third parties.
Vendor Due Diligence and Contract Management:
Implement robust due diligence processes for assessing the security capabilities of prospective vendors and partners.
Collaborate with legal and procurement teams to incorporate security requirements into vendor contracts and agreements.
Risk Mitigation and Remediation:
Develop and oversee the implementation of risk mitigation strategies and controls to address identified vulnerabilities and risks with third parties.
Monitor and track remediation efforts to ensure timely resolution of security issues impacting third-party relationships.
Cyber Security Governance:
Develop and enforce cyber security policies, standards, and guidelines across the organization.
Ensure compliance with regulatory requirements and industry standards (e.g., ISO 27001, NIST CsF) related to information security.
Security Awareness and Training:
Establish a world class enterprise cyber security awareness and training program.
Develop relevant metrics to measure the efficiency and effectiveness of the security awareness and training program, facilitate appropriate resource allocation, and increase the maturity of the program.
Cross-Functional Collaboration:
Collaborate with internal stakeholders including IT, law, compliance, privacy procurement, and senior leadership to integrate third-party risk management and information security into business processes.
Communicate security risks and recommendations to senior management, advocating for necessary investments and resources.
Required Skills and Qualifications:
Bachelor’s degree in computer science, Information Technology, Business Administration, or related field; advanced degree preferred.
Proven experience (8+ years) in third-party risk management, information security, or related cybersecurity roles, with at least 5 years in a leadership capacity.
Deep understanding of third-party risk management frameworks (e.g., NIST SP 800-161, ISO 27001), regulatory requirements, and industry standards.
Strong knowledge of information security principles, practices, and technologies, including data protection, encryption, access control, and identity management.
Excellent leadership and people management skills, with the ability to lead and mentor a diverse team of professionals.
Experience working with business process reengineering and IT solutioning; experience working on project teams bringing together both business & technology. Capable of explaining technical concepts to a non-technical audience.
Effective communication skills, with the ability to articulate complex security concepts to non-technical stakeholders and influence decision-making at all levels.
Preferred Qualifications:
Industry certifications such as CISSP, CISM, CRISC, or related certifications in risk management and cybersecurity.
Experience in financial services, healthcare, or other regulated industries with stringent security and privacy requirements.
Familiarity with emerging technologies and trends in cybersecurity, such as cloud security, IoT security, and DevSecOps practices.
#LI-MC1
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
-
Head of Cyber Third Party and Risk Management
2 weeks ago
Hartford, CT, United States MassMutual Full timeOverview: We are seeking an experienced and strategic leader to join our organization as the Head of Cyber Third Party and Risk Management. In this critical role, you will be responsible for overseeing and enhancing our third-party cyber risk management program, governance, security awareness and training, and ensuring the security of our business...
-
Senior Underwriting Risk Manager Cyber
2 weeks ago
Hartford, Connecticut, United States XL Group Full timeJob Title: Senior Underwriting Risk Manager CyberAXA XL is seeking a highly skilled Senior Underwriting Risk Manager to join our team in New York, NY. As a key member of our Underwriting Risk department, you will be responsible for managing the underwriting risks associated with our Cyber portfolio, as well as our wider Professional Lines business.Key...
-
IT Security Risk and Compliance Specialist
3 weeks ago
Hartford, Connecticut, United States ShiftCode Analytics Full timeJob Title: IT Security Risk and Compliance SpecialistShiftCode Analytics is seeking a highly skilled IT Security Risk and Compliance Specialist to join our team. As a key member of our organization, you will be responsible for evaluating and monitoring IT security risk and assisting with developing and maintaining compliance controls in adherence with...
-
IT Security Risk and Compliance Specialist
3 days ago
Hartford, Connecticut, United States ShiftCode Analytics Full timeJob Title: IT Security Risk and Compliance SpecialistAt ShiftCode Analytics, we are seeking a highly skilled IT Security Risk and Compliance Specialist to join our team. As a key member of our organization, you will be responsible for evaluating and monitoring IT security risk and assisting with developing and maintaining compliance controls in adherence...
-
IT Security Risk and Compliance Specialist
2 weeks ago
Hartford, Connecticut, United States ShiftCode Analytics Full timeJob Title: IT Security Risk and Compliance SpecialistWe are seeking a highly skilled IT Security Risk and Compliance Specialist to join our team at ShiftCode Analytics. As a key member of our organization, you will be responsible for ensuring the security and compliance of our IT systems and infrastructure.Responsibilities:Develop, monitor, and maintain...
-
Risk Management Specialist
3 weeks ago
Hartford, Connecticut, United States Russell Tobin Full timeRisk Consulting OpportunityRussell Tobin & Associates is seeking a skilled Risk Consultant to work with our client in the Insurance industry. This role involves implementing strategic plans to optimize clients' insurance recovery for mass tort and other potentially high-dollar value claims.Key Responsibilities:Review and record information about claims...
-
Risk Management Specialist
2 weeks ago
Hartford, Connecticut, United States Innova Solutions Full timeJob Title: Risk ConsultantInnova Solutions is seeking an experienced Risk Consultant to join our team.About the Role:The successful candidate will be responsible for implementing strategic plans to optimize clients' insurance recovery for mass tort and other potentially high-dollar value claims for corporate clients.Key responsibilities include:Reviewing and...
-
Risk Management Specialist
3 weeks ago
Hartford, Connecticut, United States Russell Tobin Full timeRisk Consulting OpportunityRussell Tobin & Associates is seeking a skilled Risk Consultant to join our team in the Insurance industry. As a Risk Consultant, you will play a critical role in optimizing clients' insurance recovery for mass tort and other potentially high-dollar value claims.Key Responsibilities:Implement strategic plans to optimize clients'...
-
Cyber Security Analyst
3 days ago
Hartford, Connecticut, United States TEKsystems Full timeJob Title: Cyber Security AnalystTEKsystems is seeking a skilled Cyber Security Analyst to join our team. As a Cyber Security Analyst, you will play a critical role in detecting and responding to various threats.Key Responsibilities:Analyze and investigate ticketed events using various logs, including firewalls, IDS/IPS, proxies, servers, endpoints, and...
-
Head of Investment and Asset Management
4 weeks ago
HARTFORD, United States MassMutual Full timep>MassMutual is growing and with the evolution of the real estate markets, our real estate debt and equity investment portfolios continue to become more complex and more diverse in sourcing, management and exposures. The Head of Commercial Mortgage Loans will be responsible for developing investment strategies and overseeing the execution of investment...
-
Senior Firewall Engineer
7 days ago
Hartford, United States MassMutual Full timeThe Opportunity Full Time Hybrid 3 Days/Week (Springfield, MA) MassMutual is seeking a Firewall Engineer responsible for Level 3 and Level 4 engineering tasks, responsible for the configuration, deployment, and daily management and administration of our Palo Alto and Fortinet next generation firewall solutions. This position will be accountable for...
-
Technology Risk Compliance Manager
4 weeks ago
Hartford, Connecticut, United States The Hartford Full timeAbout the RoleThe Hartford is seeking a highly skilled Technology Risk Compliance Manager to join our team. As a key member of our Technology First Line of Defense, you will be responsible for overseeing and managing compliance functions within our Technology organization.Key ResponsibilitiesDevelop, implement, and monitor compliance controls within the...
-
Technology Risk Compliance Manager
3 weeks ago
Hartford, Connecticut, United States The Hartford Full timeJob Title: Technology Risk Compliance ManagerWe are seeking a highly skilled Technology Risk Compliance Manager to join our team at The Hartford. This role will be responsible for overseeing and managing the compliance functions within our Technology organization.Key Responsibilities:Lead the development, implementation, and monitoring of compliance controls...
-
Party City Seasonal Team Member
3 weeks ago
Hartford, Alabama, United States Party City Holdings Inc. Full timeAbout the RoleWe are seeking a highly motivated and customer-focused individual to join our team as a Seasonal Team Member at Party City. As a key member of our sales and service team, you will be responsible for delivering an exceptional customer experience and driving sales growth in our stores.Key ResponsibilitiesExecute best-in-class sales and service...
-
Cyber Security Analyst
3 weeks ago
Hartford, United States TEKsystems Full timeJob DescriptionJob Description 3210666** U.S. Citizens **Top Three Skills:1.) 3+ years Experience working with SIEM tools (Splunk preferred but not a must have)2.) Experience working with Endpoint Protection tools (Tanium a plus but not a must have)3.) Someone who has knowledge of troubleshooting infrastructure either as a systems or network...
-
Senior Firewall Engineer
2 weeks ago
HARTFORD, United States MassMutual Full timeThe OpportunityFull Time Hybrid 3 Days/Week (Springfield, MA)MassMutual is seeking a Firewall Engineer responsible for Level 3 and Level 4 engineering tasks, responsible for the configuration, deployment, and daily management and administration of our Palo Alto and Fortinet next generation firewall solutions. This position will be accountable for monitoring...
-
Senior Firewall Engineer
2 weeks ago
Hartford, United States MassMutual Full timeJob DescriptionThe OpportunityFull Time Hybrid 3 Days/Week (Springfield, MA)MassMutual is seeking a Firewall Engineer responsible for Level 3 and Level 4 engineering tasks, responsible for the configuration, deployment, and daily management and administration of our Palo Alto and Fortinet next generation firewall solutions. This position will be accountable...
-
Audit Manager
1 month ago
Hartford, Connecticut, United States Bank of America Full timeAbout the Role:This is a challenging opportunity for a seasoned Audit Manager to join our team at Bank of America. As an Audit Manager, you will be responsible for overseeing assigned areas of audit work, acting as an Auditor-in-Charge (AIC), and executing on the audit strategy for Lines of Business (LOBs).Key Responsibilities:Drive risk-based auditing by...
-
Head of Strategic Planning and Delivery
6 days ago
Hartford, Connecticut, United States MassMutual Full timeJob Title: Head of Strategy, PlanningMassMutual is seeking a seasoned professional to lead its Strategic Planning and Delivery (SP&D) function. As the Head of SP&D, you will be responsible for driving the end-to-end management and evolution of this critical function.About the RoleThe SP&D function was established in 2019 to accelerate progress towards...
-
Head of Strategy, Planning
7 days ago
Hartford, United States MassMutual Full timeStrategic Planning & Delivery (SP&D) was established in 2019 as a Transformation office to accelerate progress towards MassMutual’s aspirations. These aspirations are rooted in the purpose we’ve long held and, in the vision, that we all share: To provide financial well-being for all Americans. SP&D’s current mission is to govern the budget, approval...
