Lead MassMutual's cybersecurity strategy and operations, focusing on governance, risk compliance, and overseeing the Security Operations Center (SOC) and incident response efforts.
Position Overview
Massachusetts Mutual Life Insurance Company (MassMutual) is seeking a dynamic and experienced leader to serve as Head of Cybersecurity Strategy & Operations. This role is a critical member of the cybersecurity leadership team, reporting directly to the CISO, and is responsible for leading the operational execution of the enterprise cybersecurity program. The successful candidate will oversee all aspects of cyber operations, governance, risk and compliance -including the Security Operations Center (SOC), threat intelligence, incident response, and vulnerability management-while also playing a pivotal role in shaping and executing the company's cybersecurity strategy. This leader will act as a trusted delegate to the CISO, ensuring continuity of leadership and resilience across the cybersecurity function.
Key Responsibilities
Reporting to the CISO, the Head of Cyber SOC & Cyber Strategy + Operations is a critical enterprise leader accountable for the day-to-day resilience of the company's cyber security operations and long-term cyber security strategy. This role will lead MassMutual's strategy to safeguard digital assets and sustain policyholder trust by driving proactive threat management, advanced data analytics, and disciplined risk management. This role will implement cutting-edge security controls and continuously adapt them to address the evolving threat landscape to strengthen cyber resiliency while enabling the business. This role will foster a pervasive culture of security awareness across the enterprise, ensuring risk-informed decisions, measurable control effectiveness, and rapid detection and response-so security accelerates innovation and delivers resilient, trustworthy outcomes for our policyholders. This executive owns the global Security Operations Center (SOC), Threat Intelligence, Incident Response, and security operations platforms, while orchestrating the operating model, metrics, and governance for a high-performing cyber program. The role partners deeply with ERM to integrate cyber risk into the enterprise risk framework and routinely engages executive leadership and the Board on posture, risk, and program maturity.
Strategy & Operating Model• Create, refine, and operationalize the multi-year cybersecurity strategy and roadmap; translate strategy into an executable operating plan, budgets, and measurable outcomes.• Establish and continuously improve the cyber operating model (first/second line interfaces, decision rights, runbooks, service levels), ensuring alignment with enterprise risk appetite and regulatory expectations.
Security Operations (SOC) & Incident Readiness• Lead 24×7 global SOC operations (monitoring, detection, triage, response, recovery), integrated with Threat Intel and Incident Response; ensure modern detection engineering and threat-informed defense.• Own cyber incident response: playbooks, tabletop exercises, and lessons-learned; coordinate with cyber partner organizations and corporate communications, on material events.
Governance, Risk & Compliance• Integrate cyber risk programs and frameworks (e.g., NIST CSF, FAIR) with the enterprise risk framework; run or contribute to risk councils, steering committees, and regulatory/assurance routines.• Drive cyber policies, standards, and control health; ensure readiness for regulators, auditors, customers, and partners; partner with ERM on material risk identification and reporting.
Metrics, Reporting & Executive Engagement• Define and maintain KPIs/KRIs and board-level metrics that reflect risk reduction, operational performance, and program maturity; produce concise, decision-oriented reports for the CISO, ELT, and Board.
Architecture, Engineering & Third Parties• Partner with Security Architecture/Engineering to ensure controls are designed for cloud and on-prem environments and are instrumented for measurable effectiveness.• Oversee critical security platforms and vendors (SIEM, EDR, SOAR, threat intel, vulnerability/attack surface management); evaluate providers, negotiate outcomes, and ensure measurable value.• Collaborate with Procurement/TPRM for third-party cyber risk management and incident coordination with key suppliers.
Culture, Talent & Budget• Build and lead a high-performing, mission-driven team; set outcomes, develop leaders, design on-call/coverage models, and foster a culture of accountability, speed, and continuous improvement.• Own budgets for SOC and operations, tying investments to risk reduction and performance outcomes.• Champion security awareness and partnership across technology and the business. 12-Month Success Measures (Examples)• Mean Time to Detect/Respond (MTTD/MTTR): ≥30% improvement across priority incident classes.• Detection Quality: False-positive rate reduced by ≥25%; ≥90% coverage of critical MITRE ATT&CK techniques relevant to our threat model.• Vulnerability Risk: Critical risk backlog reduced by ≥50%; SLA compliance ≥95% for tier-1 assets.• Program Maturity: Target state achieved for top 3 control domains (e.g., identity, endpoint, cloud) and ≥1 maturity tier uplift in SOC capability.• Board/Regulatory Confidence: Clear KRIs established; positive external
assurance outcomes (no high-severity findings).• Talent & Operating Model: Key leadership roles filled; healthy on-call model;
>85% team engagement/retention.
Required Qualifications• 12-15+ years of progressive cybersecurity leadership in complex, regulated enterprises; proven accountability for SOC/IR, vulnerability management, and cyber operations.• Demonstrated success shaping and executing cyber strategy and integrating cyber risk with enterprise risk frameworks; direct Board/ELT engagement experience.• Depth in threat-informed defense, detection engineering, incident command, and large-scale operations.• Bachelor's degree in Information Security, Computer Science, or related field; advanced degree preferred. Relevant credentials (e.g., CISSP, CISM, CRISC) strongly preferred.
Required Certifications
CISSP (Certified Information Systems Security Professional) Strongly Preferred, CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), GIAC certifications (e.g., GCIA, GCIH, GRID) for SOC/IR expertise, CISA (Certified Information Systems Auditor) for governance and compliance.
#LI-MC1
MassMutual is an equal employment opportunity employer. We welcome all persons to apply.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
Massachusetts Mutual Life Insurance Company (MassMutual) is seeking a dynamic and experienced leader to serve as Head of Cybersecurity Strategy & Operations. This role is a critical member of the cybersecurity leadership team, reporting directly to the CISO, and is responsible for leading the operational execution of the enterprise cybersecurity program. The successful candidate will oversee all aspects of cyber operations, governance, risk and compliance -including the Security Operations Center (SOC), threat intelligence, incident response, and vulnerability management-while also playing a pivotal role in shaping and executing the company's cybersecurity strategy. This leader will act as a trusted delegate to the CISO, ensuring continuity of leadership and resilience across the cybersecurity function.
Key Responsibilities
Reporting to the CISO, the Head of Cyber SOC & Cyber Strategy + Operations is a critical enterprise leader accountable for the day-to-day resilience of the company's cyber security operations and long-term cyber security strategy. This role will lead MassMutual's strategy to safeguard digital assets and sustain policyholder trust by driving proactive threat management, advanced data analytics, and disciplined risk management. This role will implement cutting-edge security controls and continuously adapt them to address the evolving threat landscape to strengthen cyber resiliency while enabling the business. This role will foster a pervasive culture of security awareness across the enterprise, ensuring risk-informed decisions, measurable control effectiveness, and rapid detection and response-so security accelerates innovation and delivers resilient, trustworthy outcomes for our policyholders. This executive owns the global Security Operations Center (SOC), Threat Intelligence, Incident Response, and security operations platforms, while orchestrating the operating model, metrics, and governance for a high-performing cyber program. The role partners deeply with ERM to integrate cyber risk into the enterprise risk framework and routinely engages executive leadership and the Board on posture, risk, and program maturity.
Strategy & Operating Model• Create, refine, and operationalize the multi-year cybersecurity strategy and roadmap; translate strategy into an executable operating plan, budgets, and measurable outcomes.• Establish and continuously improve the cyber operating model (first/second line interfaces, decision rights, runbooks, service levels), ensuring alignment with enterprise risk appetite and regulatory expectations.
Security Operations (SOC) & Incident Readiness• Lead 24×7 global SOC operations (monitoring, detection, triage, response, recovery), integrated with Threat Intel and Incident Response; ensure modern detection engineering and threat-informed defense.• Own cyber incident response: playbooks, tabletop exercises, and lessons-learned; coordinate with cyber partner organizations and corporate communications, on material events.
Governance, Risk & Compliance• Integrate cyber risk programs and frameworks (e.g., NIST CSF, FAIR) with the enterprise risk framework; run or contribute to risk councils, steering committees, and regulatory/assurance routines.• Drive cyber policies, standards, and control health; ensure readiness for regulators, auditors, customers, and partners; partner with ERM on material risk identification and reporting.
Metrics, Reporting & Executive Engagement• Define and maintain KPIs/KRIs and board-level metrics that reflect risk reduction, operational performance, and program maturity; produce concise, decision-oriented reports for the CISO, ELT, and Board.
Architecture, Engineering & Third Parties• Partner with Security Architecture/Engineering to ensure controls are designed for cloud and on-prem environments and are instrumented for measurable effectiveness.• Oversee critical security platforms and vendors (SIEM, EDR, SOAR, threat intel, vulnerability/attack surface management); evaluate providers, negotiate outcomes, and ensure measurable value.• Collaborate with Procurement/TPRM for third-party cyber risk management and incident coordination with key suppliers.
Culture, Talent & Budget• Build and lead a high-performing, mission-driven team; set outcomes, develop leaders, design on-call/coverage models, and foster a culture of accountability, speed, and continuous improvement.• Own budgets for SOC and operations, tying investments to risk reduction and performance outcomes.• Champion security awareness and partnership across technology and the business. 12-Month Success Measures (Examples)• Mean Time to Detect/Respond (MTTD/MTTR): ≥30% improvement across priority incident classes.• Detection Quality: False-positive rate reduced by ≥25%; ≥90% coverage of critical MITRE ATT&CK techniques relevant to our threat model.• Vulnerability Risk: Critical risk backlog reduced by ≥50%; SLA compliance ≥95% for tier-1 assets.• Program Maturity: Target state achieved for top 3 control domains (e.g., identity, endpoint, cloud) and ≥1 maturity tier uplift in SOC capability.• Board/Regulatory Confidence: Clear KRIs established; positive external
assurance outcomes (no high-severity findings).• Talent & Operating Model: Key leadership roles filled; healthy on-call model;
>85% team engagement/retention.
Required Qualifications• 12-15+ years of progressive cybersecurity leadership in complex, regulated enterprises; proven accountability for SOC/IR, vulnerability management, and cyber operations.• Demonstrated success shaping and executing cyber strategy and integrating cyber risk with enterprise risk frameworks; direct Board/ELT engagement experience.• Depth in threat-informed defense, detection engineering, incident command, and large-scale operations.• Bachelor's degree in Information Security, Computer Science, or related field; advanced degree preferred. Relevant credentials (e.g., CISSP, CISM, CRISC) strongly preferred.
Required Certifications
CISSP (Certified Information Systems Security Professional) Strongly Preferred, CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), GIAC certifications (e.g., GCIA, GCIH, GRID) for SOC/IR expertise, CISA (Certified Information Systems Auditor) for governance and compliance.
#LI-MC1
MassMutual is an equal employment opportunity employer. We welcome all persons to apply.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
Top Skills
Cloud Environments
Edr
SIEM
Soar
Threat Intel
MassMutual Boston, Massachusetts, USA Office
Our new Boston campus opened in November in the Seaport neighborhood.
Boston Campus
Just like MassMutual, Boston's Seaport district is surrounded by decades of history, yet is now being recognized as a hub for digital innovation and professional growth. With us you can develop the skills you need to build a successful future and connect with talented and collaborative colleagues working together to help people secure their future and protect the ones they love.
Similar Jobs at MassMutual
Big Data • Fintech • Information Technology • Insurance • Financial Services
The Procurement Consultant will manage supplier relationships, negotiate deals, and provide analytical support for marketing and annuities sourcing needs.
Top Skills:
ProcurementRisk ManagementSourcingSpend Analytics
Big Data • Fintech • Information Technology • Insurance • Financial Services
The ETX Governance & Administration Consultant coordinates audits, manages information repositories, produces reports, and implements governance frameworks to improve operational efficiency.
Top Skills:
Enterprise-Level Grc PlatformExcelSharepoint
Big Data • Fintech • Information Technology • Insurance • Financial Services
The Enterprise Architect will align technology with business strategy, leading IT solutions in Investment Management through architecture strategies and collaboration with stakeholders.
Top Skills:
Ai/MlAWSAzureJSONKafkaRestSoapXML
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
