Head of Security Platform Engineering
This leader will play a pivotal role in ensuring the security and privacy of MassMutual's digital ecosystem in compliance with our policies and standards, while enabling smooth access for authorized users. The ideal candidate will possess a strategic mindset, extensive cybersecurity technical expertise, and a proven track record in successfully building and leading strong cybersecurity engineering teams and enhancing the information security landscape of an organization.
The Head of Security Platform Engineering will be responsible for designing, implementing, and managing our enterprise-wide security infrastructure. The ideal candidate will have expertise in a diverse range of security domains, including Security Solutions Architecture, Enterprise Logging, SIEM, Security Data Streaming and Pipelines, SOAR, Threat Intelligence Platform (TIP), Endpoint Security, DLP, IAM, and PAM.
Responsibilities include setting and coordinating program strategies, governance and execution of the strategies, solution design and integrations, program awareness, securing funding and budget management, business relationship management, and organizational change management. This position requires a highly strategic and seasoned leader with strong business acumen and extensive working knowledge of security platforms, technologies, practices, policies, and their application at enterprise scale. The successful candidate has a proven track record of building strong, diverse, talented cybersecurity teams that deliver operational excellence in their programs, and is very comfortable interacting with the most senior levels of the organization to help direct and lead the Security Platform Engineering programs as a business enabler for the company.
Key Responsibilities:
- Develop and implement strategies and roadmaps that are in compliance with MM policies, standards and procedures.
- Build and lead a team of strong, technical professionals, providing guidance, mentorship, and fostering a culture of innovation, inclusion, collaboration and continuous improvement.
- Security Solutions Architecture
  - Design and architect comprehensive security solutions that align with business goals and compliance requirements.
  - Collaborate with solution architects to integrate security into the overall enterprise architecture.
- IAM and PAM
  - Lead and oversee the design and development of authentication solutions that enforce applicable organization security policies and access management requirements.
  - Oversee strategy and operations of IAM systems, including user provisioning, de-provisioning, authentication mechanisms, and role-based access controls, and implement monitoring and auditing processes to ensure compliance and detect anomalies.
  - Lead and oversee the build, configuration, and architecture of one or more authentication platforms, such as Okta and Azure, including integral technology components such as SSO (single sign-on), registration, identity proofing, multifactor authentication, password resets, etc.
- Enterprise Logging, SIEM and Data Pipelines
  - Manage and optimize centralized logging infrastructure for comprehensive log collection.
  - Implement strategies to ensure logs are collected, normalized, and retained efficiently.
  - Implement and manage data streaming solutions to enable real-time analysis of security events.
  - Ensure seamless integration between security tools for continuous data flow.
- Endpoint Security
  - Implement and manage endpoint protection solutions to secure all devices within the enterprise.
  - Ensure the configuration and monitoring of antivirus, anti-malware, and endpoint detection and response (EDR) solutions.
- Data Loss Prevention
  - Deploy and maintain DLP solutions to prevent unauthorized access and transmission of sensitive data.
  - Collaborate with the Data Protection Team to implement solutions for effective DLP policy and control enforcement.
- Manage infrastructure for tooling such as TIP, SOAR, DLP and other security platforms.
- Partner with stakeholders to understand access requirements and translate them into effective security technology solutions.
- Ensure security technology solutions and practices align with regulatory requirements and security standards.
- Align initiatives with business goals, compliance requirements, and ensure the tools and capabilities are aligned with our overall MassMutual technology strategy and infrastructure landscape.
- Evaluate security trends, evolving threats, risks and vulnerabilities then apply capabilities and tools to mitigate and measure risk.
- Map multiple-year IT planning efforts to align with business needs, changing technologies, and evolving threats to ensure the accomplishment of objectives within applicable budgets.
- Coordinate with MassMutual's incident response teams to promptly address security incidents and breaches.
- Take on new opportunities and tough challenges with a sense of urgency, high energy and enthusiasm.
- Ensure continuous improvement of all programs: review, update, and recommend changes to policies, standards, and procedures to mature the Security Platform Engineering portfolio.
Qualifications:
- 15+ years of IT infrastructure and information security experience.
- 8+ years leading an advanced enterprise IAM information security practice.
- Strategic and forward-thinking technology leader with deep expertise in engineering and security technologies including strategy.
- Excellent communication, interpersonal skills, and executive presence with the ability to partner and influence across multiple organizations, up to Executive Leadership Team. Able to present complex technical information to non-technical stakeholders.
- Experience in developing and effectively managing large budgets.
- Proven experience in designing, building, and managing Security Platforms and systems in a complex enterprise environment.
- Track record of defining and delivering a strategic roadmap for best-in-class capabilities across the Security Platform Engineering space.
- Understanding of authorization concepts and frameworks (e.g., RBAC, ABAC).
- Familiarity with regulatory requirements, such as GDPR, HIPAA, or NYDFS.
- Bachelor's or Master's degree in Information Technology, Computer Engineering, or a related field. Advanced degree preferred.
- CISSP is desired.
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.