Head of Operational Risk Assessments and Governance

Head of Operational Risk Assessments and Governance
Full-Time
Boston, MA or Springfield, MA
The Opportunity
MassMutual is seeking a strategic and experienced risk leader to serve as Head of Operational Risk Assessments and Governance. This second line of defense role is responsible for the enterprise-wide oversight and management of process execution risk, and provides independent oversight of operational resilience, which is owned and managed by the first line of defense.
The successful candidate will lead key second line programs including risk and control assessment, non-financial risk appetite, loss event tracking, and post-incident analysis. This role plays a critical part in strengthening operational risk management practices, enhancing transparency, and driving accountability across the organization.
The Team
The Operational Risk team is a collaborative group of experienced risk managers and subject matter experts who oversee key enterprise risks, including third-party, financial reporting, fraud, business resilience, process execution, compliance, and reputation risk. Operating within a unified risk framework, they ensure consistent practices and effective oversight across the organization. Through close partnerships with business units and control functions, the team promotes a strong risk-aware culture, supports strategic decision-making, and enhances organizational resilience.
The Impact
Operational Risk Assessments

• Own and lead the enterprise-wide risk & control assessment program, ensuring consistent and comprehensive identification and assessment of process execution risks.
• Oversee the identification, assessment, and monitoring of process execution risks across business units and corporate functions.
• Collaborate with risk owners, control owners, and enterprise risk partners to ensure internal controls are documented in the enterprise GRC system and are designed to effectively prevent and detect critical process risks.
• Provide independent assessment and support for control design and mitigation strategies.
• Lead the development of scenario analysis, loss event data collection, and root cause analysis processes.
• Ensure risk assessments are comprehensive and actionable, enabling prioritization and mitigation of risks.
• Monitor emerging risks, regulatory developments, and industry trends to inform risk strategy.

Governance & Oversight

• Maintain and enhance governance frameworks for process execution risk, ensuring alignment with enterprise risk management standards.
• Provide second line oversight of operational resilience, including review and challenge of first line resilience strategies, testing outcomes, and incident response capabilities.
• Partner with internal audit, compliance, legal, and technology risk teams to ensure a coordinated approach to process execution risk oversight.
• Chair subcommittees chartered to govern and manage operational process risks across the firm.
• Drive continuous improvement in operational risk frameworks, methodologies, and governance.

Risk Reporting & Communication

• Develop and maintain risk appetite statements and key risk indicators (KRIs).
• Partner with Risk Owners to document risk treatment decisions, owners, and target dates when appetite thresholds are exceeded.
• Deliver timely, accurate, and insightful reporting to senior leadership and the Operational & Strategic Risk Committee on process execution and resilience risk exposures and trends.
• Promote transparency and accountability across the organization through effective risk reporting.
• Collaborate with operating units to evaluate and communicate the effectiveness of existing risk management practices.
• Support integration of risk insights into strategic decision-making and operational planning.

Leadership & Culture

• Lead a team of operational risk professionals with expertise in process execution and resilience oversight.
• Promote a strong risk-aware culture by embedding risk management into daily operations and decision-making.
• Partner with business leaders to embed risk management practices into day-to-day operations, including self-reporting of issues, key risk indicators, and incident reporting.
• Foster cross-functional collaboration to strengthen enterprise-wide risk capabilities and control discipline.
• Champion continuous improvement in operational risk methodologies, tools, and practices.

The Minimum Qualifications

• Bachelor's degree in Risk Management, Business, Operations, or related field
• 10+ years of experience in operational risk, enterprise risk, or internal controls, with at least 5+ years in a leadership role.
• Expertise in risk & control assessment programs (RCSA) and post-incident analysis.
• Experience overseeing operational resilience programs or providing second line challenge to business continuity and crisis management.
• Strong understanding of risk frameworks, regulatory expectations, and industry best practices.
• Proven ability to lead cross-functional initiatives and influence at all levels of the organization.
• Excellent analytical, communication, and leadership skills.
• Experience with GRC platforms and risk data analytics tools.

The Ideal Qualifications

• Master's degree or MBA preferred.
• Professional certifications such as FRM, CRMA, CBCP, or CERA are a plus.

#LI-LC1
MassMutual is an equal employment opportunity employer. We welcome all persons to apply.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
Salary Range: $172,000.00-$225,700.00