Business Information Security Officer - Technology & Data
The BISO (Business Information Security Officer) is responsible for the implementation and effectiveness of MassMutual's Enterprise Cyber Security (ECS) program for a specific line of business or technology organization. BISOs are senior and influential members of the ECS team who have demonstrated organizational, technical, and cybersecurity program management expertise. In addition, BISOs are adept at relationship and stakeholder management.
Responsibilities:
Manage key stakeholder expectations for the Tech & Data leadership teams.
Understand the threat landscape using the enterprise Threat & Vulnerability Assessment process to assess potential systems and process vulnerabilities to determine security control requirements.
Act as a member of the leadership teams in driving an increase in cyber resilience
Become a trusted advisor for the Tech & Data team in order to lead information security related programs that are aligned with ECS's strategy.
Prepare and present monthly stakeholder reports that identify top risks, programs to manage those risks and selected KPIs and dashboards to identify the level of success for each related program
Ensure that the top cyber risks are evaluated, and critical issues are raised for decisions during monthly stakeholder meetings
Proactively identify opportunities for stakeholder escalation to ensure top issues/decisions are addressed with enterprise leaders
Provide guidance and direction on best practices for the protection of technology and data
Identify and discuss BU-specific information security requirements and resolve any issues in partnership with other teams across MassMutual
Skills, Knowledge & Experience:
Comprehensive knowledge in protecting data, infrastructure, software, and systems.
Ability to influences best practices within complex technology environments, with wide latitude for use of independent judgment.
Ability to distill complex security requirements into business terms and balance the cyber-risk with the business impact of security decisions
Collaborative and able to build effective working relationships with all levels of the organization
Excellent relationship and negotiating skills
Mentors less-experienced team members and displays leadership as needed.
Outstanding communication skills including the use of concise language with business leaders in both oral and written form
Experience working with senior level management to achieve results and manage crisis situations
Foundational knowledge of data science and analytics
Outstanding verbal, written and interpersonal communication skills
Passion for solving problems
Creative, organized, positive, optimistic, and energetic
Affiliation with and active participation in an industry cyber security information sharing organization (for example: FS-ISAC, H-ISAC)
3 years of BISO experience or IT Security Program Management experience.
A combination of a bachelor's degree and/or 10+ years of experience in information security preferred
Ability to work east coast hours
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.