At MassMutual, we’re fostering an inclusive and dynamic environment where our employees are valued for who they are and can build successful careers. For us, diversity and inclusion is more than a goal, it's the only way forward.
MassMutual is guided by a single purpose: We help people secure their future and protect the ones they love. As a company, owned by our policyowners, we are defined by mutuality and our vision to put customers first. It's more than our company structure - it's our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources and rely on each other when it counts. At MassMutual, we Live Mutual.
Do you want to be part of a team that encourages your growth, supports your ambitions and makes it a priority for you to reach your goals? Is helping people part of who you are? At MassMutual, we help millions of people find financial freedom, offer financial protection and plan for the future. We do this by building trust with our customers by being knowledgeable problem solvers and prioritizing their needs above all else. We Live Mutual.
Why Join Us.
We’ve been around since 1851. During our history, we’ve learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable, and ethical business with industry leading pay and benefits. And your voice will always be heard.
A career with us means you will work alongside exceptional people and be empowered to reach your professional and personal goals. Our employees are the foundation of what makes MassMutual a strong, stable and ethical business. We seek and value unique and varied perspectives and experiences because we believe we are stronger when all voices are heard. We invite you to bring your bright, innovative ideas to MassMutual as we continue to help millions of Americans rely on each other.
Role Overview: We are seeking an experienced and strategic Head of Enterprise Cyber Security, Chief Information Security Officer (CISO) to join our ETX senior leadership team. In this role, you will be responsible for developing, implementing, and overseeing the overall cyber security strategy and cyber risk management for the organization. You will play a critical role in safeguarding our digital assets, ensuring compliance with industry regulations, and maintaining the highest standards of cybersecurity across all facets of our operations.
Duties include, but are not limited to:
Developing and implementing cyber security policies for the company, used to prevent, detect, mitigate, and recover from cyberattacks
Educating and managing technology risk in collaboration with business leaders
Building and driving a cybersecurity strategy and framework, with initiatives to secure the organization's cyber and technology assets
Continuously evaluating and managing the cyber risk posture of the organization
Implementing and managing the cyber governance, cyber risk, and cyber compliance (GRC) process
Reporting to the senior levels of the organization (the board of directors)
Developing, justifying, and evaluating cybersecurity investments
Developing and implementing ongoing security awareness training and education for users
Leading cybersecurity operations and implementing disaster recovery protocols and business continuity plans with business resilience in mind
Key Responsibilities:
Strategic Leadership: Develop and execute a comprehensive information security strategy aligned with the company’s goals, risk appetite, and industry best practices. Provide strategic guidance to senior management on emerging security trends and threats.
Risk Management: Identify, assess, and mitigate information security risks by implementing effective controls, policies, and procedures. Collaborate with cross-functional teams to manage risks across technology, operations, and business units.
Security Governance: Collaborate with the ETX Governance team to influence the cyber security governance framework, including the development and implementation of security policies, standards, and guidelines. Ensure adherence to regulatory requirements and industry standards.
Incident Response: Develop and maintain an effective incident response plan, coordinating with internal teams and external partners to quickly and efficiently address cybersecurity incidents and breaches.
Security Architecture: Collaborate with the ETX Architecture team and influence how we define and implement a robust security architecture that safeguards critical data and systems while enabling business agility. Stay current with evolving threats and technologies to adapt security measures accordingly.
Vendor Management: Evaluate and manage relationships with third-party vendors, assessing their security practices and ensuring compliance with established standards.
Training and Awareness: Foster a culture of security awareness and continuous learning among employees. Provide training programs and resources to educate the workforce on cybersecurity best practices.
Security Metrics and Reporting: Develop and maintain a set of relevant security metrics for the company to measure the effectiveness of the information security program. Provide regular reports to senior leadership and the board of directors.
Budget Management: Collaborate with the finance department to develop and manage the information security budget, allocating resources for necessary tools, technologies, and personnel.
Additional Responsibilities:
Identify information security and risk priorities for the company by assessing the current environment, monitoring potential threats, identifying trends, assessing system vulnerabilities, conducting regular and ongoing monitoring of organizational compliance with standards and policies, and recommending courses of action to key stakeholders.
Based on the current state cyber capability, set a strategic vision for evolving the program to address existing and potential threats in the context of shifting commercial priorities.
Act as a business owner for information risk and cyber security, dimensioning appropriate financial and risk tolerances to support responsible but innovative business growth.
Manage third party and vendor partnerships in support of necessary capabilities.
Continually benchmark MassMutual’s information risk program to the industry and propose new changes to integrate industry best practices.
Lend cyber expertise in commercial discussions and support the business in their ability to understand and articulate cyber security concepts to the market.
Provide direction to commercial leaders in sales activities that require expertise in the area of cyber risk management; and host existing and potential customers for cyber briefings and audits.
Provide guidance and counsel to key stakeholders, including the CIO, working closely to define objectives for information security, while building relationships and goodwill.
Update and educate the Board of Directors and the Executive Leadership Team on current cyber threats, issues, and risks, including conducting tabletop exercises to showcase cyber threats. Share mitigation strategies. Provide regular status updates on progress and status of initiatives and operations. Partner with the Enterprise Risk Management teams to maintain a common framework and understand risk parameters and associated mitigation strategies.
5+ years' experience in establishing annual and long-range security and compliance goals; defining security strategies, metrics, reporting mechanisms and program services; and creating maturity models and a roadmap for continual program improvements.
Stay abreast of information security issues and regulatory changes affecting the company. Participate in industry forums and represent MassMutual as a thought leader regarding cyber security. Maintain knowledge of current security industry trends, government regulations, and advancements in information security through researching technical publications and membership in professional associations to maintain high quality and current expertise in security practices and technologies.
Develop a mature and agile information security program for the company by defining and implementing risk assessment processes, providing oversight and reporting of improvement plans and corrective actions, providing clarity of ownership and accountability and ensuring adaptability to meet changing requirements, mitigate risks, strengthen defenses and reduce vulnerabilities.
Maintain an understanding of business requirements and identify security risks that threaten those business operations.
Work with business owners to identify and implement controls to detect and mitigate threats to company information assets to protect against significant financial loss.
Manage a staff of technical and professional co-workers with a diversity of skills and experience levels. Ensure staff is knowledgeable and cross-trained and that opportunities are afforded to staff to develop and maintain their skills at the highest standards. Foster, through mentoring and leadership, critical and independent thinking skills and behaviors in staff.
Qualifications:
• A bachelor’s or master’s degree in Information Security, Computer Science, or a related field; relevant certifications (e.g., CISSP, CISM, CISA) preferred.
• Proven track record of at least 15 years in progressively responsible information security leadership roles, including experience in the financial services industry.
• In-depth knowledge of cybersecurity frameworks, regulatory requirements, and industry standards.
• Strong strategic thinking, risk management, and problem-solving skills.
• Excellent communication and interpersonal skills, with the ability to collaborate and influence at all levels of the organization.
• Demonstrated experience in managing and developing high-performing security teams.
Join our dynamic team and lead the charge in protecting our organization’s digital assets and reputation. If you are a visionary leader with a deep understanding of information security in the financial sector, we invite you to apply and drive our cybersecurity initiatives to new heights.
CULTURE
Focus on the Customer – Know your customers well; add value with a level of urgency.
Act with Integrity – Adhere to a strict code of ethics and MassMutual Values; be trustworthy.
Value People – Lead people to success; appreciate diverse ideas and experiences.
Work Collaboratively – Partner with others to achieve results that leverage the right resources.
Achieve Results – Focus on winning; consistently exceed expectations.
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.