Execute third-party risk assessments and due diligence, identify control gaps, document findings, track metrics and remediation, support incident response, and collaborate with stakeholders to ensure third parties meet security and technology standards.
Third-Party Risk Consultant, ETX Governance, Risk & Compliance Team
Full-Time, Springfield/Boston
The Opportunity
As a Third-Party Risk Consultant, you will play a crucial role in implementing the third-party risk framework. This position is responsible for executing third-party risk assessments and due diligence activities across the MassMutual's third-party ecosystem. Additionally, you will support the adoption of risk management practices across the ETX organization. As a key member of the ETX Third-Party Technology Assurance team, you will help drive change and enhance operational efficiency throughout the organization.
The Team
The ETX Governance, Risk & Compliance Team is comprised of governance and risk professionals responsible for implementing governance processes and risk management practices for the ETX (Information Technology) organization. We work closely with our business and technology partners and succeed together by designing practical and effective technology governance and risk management solutions to increase operational efficiency.
The Impact
The Minimum Qualifications
The Ideal Qualifications
What You Can Expect at MassMutual
MassMutual offers the opportunity to do meaningful work within a purpose-driven organization that values long-term impact over short-term outcomes. In this role, you can expect:
#LI-RK1
MassMutual is an equal employment opportunity employer. We welcome all persons to apply.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
California residents: For detailed information about your rights under the California Consumer Privacy Act (CCPA), please visit our California Consumer Privacy Act Disclosures page.
Salary Range: $86,200-$113,100
Full-Time, Springfield/Boston
The Opportunity
As a Third-Party Risk Consultant, you will play a crucial role in implementing the third-party risk framework. This position is responsible for executing third-party risk assessments and due diligence activities across the MassMutual's third-party ecosystem. Additionally, you will support the adoption of risk management practices across the ETX organization. As a key member of the ETX Third-Party Technology Assurance team, you will help drive change and enhance operational efficiency throughout the organization.
The Team
The ETX Governance, Risk & Compliance Team is comprised of governance and risk professionals responsible for implementing governance processes and risk management practices for the ETX (Information Technology) organization. We work closely with our business and technology partners and succeed together by designing practical and effective technology governance and risk management solutions to increase operational efficiency.
The Impact
- Analyze third-party services, data flows, and system integrations to identify and recommend inherent and residual risk exposure.
- Collaborate with issue management teams to ensure identified risks, including vulnerabilities, are appropriately tracked, communicated, and remediated
- Contribute to status reporting and metrics tracking for ongoing third-party risk activities
- Evaluate, document, communicate, and support breach event and incident response activities
- Execute risk evaluation procedures by reviewing evidence, documenting observations, and recording results in accordance with defined templates and quality standards
- Identify control gaps, weaknesses, or non-compliance issues and clearly document and recommend findings for further review and disposition
- Partner with senior practitioners to support risk rating determinations and escalation decisions
- Apply knowledge and discretion when performing risk assessments to ensure third parties meet security and technology standards in alignment with established practices and procedures
- Proactively escalate delays, gaps in information, or emerging risks to the team lead
- Research and consult with internal subject matter experts to understand and document risk identified through risk assessments and due diligence practices, and communicate the findings to stakeholders
The Minimum Qualifications
- 2+ years of experience in risk management and/or completing third-party risk assessments
- 2+ years of experience implementing metrics to track status, identify trends, and surface potential issues
- 2+ years of experience working in an enterprise GRC platform, including proficient use of Excel import/export functions
The Ideal Qualifications
- Bachelor's degree, preferably in technology, cybersecurity, risk management, or business-related field
- 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit, or testing controls
- Proficiency with SharePoint and related tools used to execute an effective regulatory compliance program
- Experience communicating regulatory requirements to technical and non-technical audiences, and facilitating discussions between ETX owners, Compliance, and Law to ensure a shared understanding and effective compliance
- Foundational understanding of third-party risk domains, including:
- Cybersecurity and data protection
- Cloud/SaaS risk considerations
- Identity and access management (e.g., SSO vs. standalone access)
- Business continuity and resiliency
- Familiarity with industry frameworks such as NIST, ISO 27001, SOC 2, or similar
- Ability to interpret control evidence and assess adequacy relative to risk
- Strong written and verbal communication skills, with the ability to interact effectively with internal stakeholders and third parties
- Demonstrated ability to execute with limited guidance while meeting deadlines in a structured, process-driven environment
- Strong attention to detail and documentation discipline
What You Can Expect at MassMutual
MassMutual offers the opportunity to do meaningful work within a purpose-driven organization that values long-term impact over short-term outcomes. In this role, you can expect:
- Clear areas of ownership and accountability, with work that connects directly to company and customer outcomes
- A collaborative environment where perspectives are welcomed
- Access to learning, development, and internal networks that support continuous growth and skill-building over time
- Employee-led communities and forums that foster connection, learning, and inclusion across the organization
- A culture grounded in integrity, responsibility, and stewardship-supported by a company with a strong legacy and a future-focused mindset
#LI-RK1
MassMutual is an equal employment opportunity employer. We welcome all persons to apply.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
California residents: For detailed information about your rights under the California Consumer Privacy Act (CCPA), please visit our California Consumer Privacy Act Disclosures page.
Salary Range: $86,200-$113,100
MassMutual Boston, Massachusetts, USA Office





Our new Boston campus opened in November in the Seaport neighborhood.




Just like MassMutual, Boston's Seaport district is surrounded by decades of history, yet is now being recognized as a hub for digital innovation and professional growth. With us you can develop the skills you need to build a successful future and connect with talented and collaborative colleagues working together to help people secure their future and protect the ones they love.
Similar Jobs at MassMutual
Big Data • Fintech • Information Technology • Insurance • Financial Services
Deliver instructor-led and virtual training for new and tenured Operations associates. Lead classroom and virtual environments, partner with instructional designers and leaders to improve curriculum, track learner progress via LMS and reporting, and coach peers to model facilitation excellence and continuous improvement.
Top Skills:
LmsMicrosoft TeamsWebexZoom
Big Data • Fintech • Information Technology • Insurance • Financial Services
The Investment Reporting Manager manages and executes internal and external financial reporting, ensuring accuracy and timeliness while leading a team to improve processes and analysis related to investment products in the insurance industry.
Top Skills:
Micro StrategyExcelSAP
Big Data • Fintech • Information Technology • Insurance • Financial Services
The Business Systems Analyst provides expertise on investment accounting systems, facilitating communication between business stakeholders and technology teams, analyzing data management, and guiding complex technical solutions.
Top Skills:
Blackrock AladdinExcelLucid ChartOracleSQL
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories










