Business Information Security Officer

The Opportunity
As a Business Information Security Officer, you will provide state of the art technical and business expertise while being the face of cyber security to key business and IT leaders and teams across the MassMutual enterprise. You will have the opportunity to showcase your technical and business acumen skills across a diverse and inclusive technology department, while also stretching your leadership and communication skills to all levels of talent across business and IT organizations. As Business Information Security Officer, you will be assigned to key areas of MassMutual's enterprise and be responsible for identifying top threats to those business areas, ultimately helping to reduce cyber risk through top-notch cyber risk management.
The Team
The Business Information Security Officer (BISO) sits within MassMutual's Enterprise Technology Experience (ETX) division, within the Enterprise Cyber Security (ECS) department and provides cyber security risk understanding and enables sound cyber risk decision making through the development and maintenance of a relevant, transparent, proactive, and actionable cyber risk landscape.
The Impact:
The Business Information Security Officer enables cyber security risk reduction by working collaboratively with business partners, at all levels, and with all cyber security functions to identify, prioritize and mitigate cyber-security risks. As Business Information Security Officer, you will be responsible for:

• Identifying and Providing Top Risk Information & Understanding through dedicated education, rich risk metric data, communication and continuous relationship-building with business and IT leaders
• Driving and Enabling Effective Risk-Based Business Decisions for each business area across the enterprise through strong partnership and effective stakeholder management
• Serving as a Trusted Partner to stakeholders by helping design and implement security solutions that deliver positive business results and reduces risk
• Bi-Directionally Bridging Cyber Teams closer to the business and IT portfolios in order to help meet business needs while addressing growing cyber risks

The Minimum Qualifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field; advanced degree preferred.
• 8+ years in Cyber Security, Technology Risk Management, Cyber Security Program Management or a related field
• At least 1 of the Industry certifications such as CISSP, CISM, CEH, or GIAC certifications (e.g., GPEN, GWAPT)

The Ideal Qualifications

• Experience with all aspects of cyber-security risk including - identification, analysis, quantification, and remediation strategies.
• Exceptional relationship management - building and maintaining collaborative partnerships across all levels of an organization.
• Strong technical acumen in cyber security and technology services
• Strong communication skills and ability to lead and influence others.
• Proven ability to articulate the why and to enable fact-based decision making.
• Excellence in Execution - Ensuring commitments are met and ensuring key stakeholders are constantly informed of status.
• Strong leadership qualities and an ability to communicate with all levels of the organization.
• Sound business and technical acumen, judgment and decision-making skills.
• Strong communication and interpersonal skills.
• Self-starter who is willing to take on new challenges in response to the changing cyber threat landscape
• Excellent written and verbal communication skills.
• Demonstrated success in guiding, and influencing sound cyber risk and security remediation strategies aligned with core business objectives and risk appetite.
• Ability to deal with the ambiguity associated with working in a fast paced and changing environment.
• Experience or knowledge in life insurance and/or financial services products and services.
• Strong understanding of regulatory requirements, compliance frameworks (e.g., PCI-DSS, GDPR), and industry standards (e.g., NIST, ISO 27001).
• Excellent communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders and influence decision-making at all levels.

What to Expect as Part of MassMutual and the Team

• Regular meetings with the Business Information Risk team and aligned key stakeholders via group huddles and one-on-one meetings
• Focused one-on-one meetings with your manager
• Access to mentorship opportunities
• Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups
• Access to learning content on Degreed and other informational platforms
• Your ethics and integrity will be valued by a company with a strong and stable ethical business with industry leading pay and benefits

#LI-RK1
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
Salary Range: $128,000.00-$168,000.00