Head of BISO and Cyber Risk Management
Sorry, this job was removed at 11:34 a.m. (EST) on Wednesday, June 10, 2020
By clicking Apply Now you agree to share your profile information with the hiring company.
Responsible for:
- Provide state-of-the-art technical expertise and manage key stakeholder relationship management for designated business leaders and review all monthly stakeholder reports for all BISOs
- Leading the BISO team and defining the techniques and tools essential for BISOs to achieve consistent success in improving cyber security practices
- Lead the EIRM cyber risk management practice to measure enterprise cyber risk daily through the Threat, Vulnerability Assessment (TVA) process
- Facilitate the data analysis and decision process for determining the quarterly top cyber risks in rank order for the enterprise
- Create and document the top cyber risks for each business portfolio and critical issues to be served up for decisions during monthly stakeholder meetings
- Proactively identify opportunities for stakeholder escalation to ensure top issues/decisions are addressed with stakeholders
- Operate as a member of the stakeholder’s leadership team focused on cyber security risk management techniques and tactics to help each leader improve their effectiveness
- Identify and manage risk management initiatives specific to the portfolio to ensure positive results
- Ensure the selected KPIs are curated for each business monthly stakeholder report effectively enabling business stakeholders to have the facts on cyber risk management programs
- The BISO acts on behalf of the Head of Enterprise Information Risk Management (EIRM) for a specific portfolio within MassMutual
- Provides the stakeholder leadership team with cyber risk management expertise, techniques and tools to effectively manage cyber risk management for the stakeholder (leader)
- The BISO acts as a trusted advisor for the stakeholder and the stakeholder leadership team
- Works collaboratively with stakeholder resources and follows the norms for work style and collaboration for the stakeholder
- Consistently works alignment of cyber security risks, programs and projects to manage that risk effectively and provides KPI data to multiple levels within the stakeholder organization on a monthly basis
- Lead specific cyber programs as needed for professional development as a cyber security practitioner
Skills, Knowledge & Experience:
- Expertise in IT management practices and experience as an IT leader
- Demonstrated track record of influencing senior executives on IT and risk management issues/concerns
- Demonstrated understanding of key business processes and stakeholders for the enterprise
- Outstanding communication skills including the use of concise language with business leaders in both oral and written form (concise language)
- Proficient in Microsoft Office, particularly PowerPoint and Excel
- A combination of a bachelor’s degree and/or 10+ years of experience in information security and IT leadership preferred
- Ability to multi-task and work as part of a collaborative team
See More