Cyber Third-Party Analyst

Posted 2 Days Ago
Be an Early Applicant
Springfield, MA
Hybrid
103K-135K Annually
Senior level
Big Data • Fintech • Information Technology • Insurance • Financial Services
We help people secure their future and protect the ones they love.
The Role
The Cyber Third-Party Analyst will assess and mitigate third-party risk through risk assessments, documentation of findings, incident response support, and continuous collaboration with stakeholders. The role involves maintaining security policies and creating reports to communicate risks to stakeholders effectively.
Summary Generated by Built In

The Opportunity
We are seeking an experienced Third-Party Analyst to join our Cyber Third-Party team. You will join a highly collaborative, fast paced team focused on assessing and mitigating third-party risk. This role will require collaboration across multiple disciplines, exceptional communication and documentation skills, and an exceptional understanding of information security best practices.
The Team:
As a member of the team, you will strive to ensure the protection of MassMutual's customer and corporate data in line with enterprise risk practices.
The Impact:
The key responsibilities as a member of the Cyber Third-party Team include, but are not limited to, the following:

  • Perform third-party risk assessments to ensure third parties meet minimum security standards based on the overall risk of the third-party.
  • Research and consult with internal subject matter experts to understand and document risk identified through risk assessments and due diligence processes; and communicate the findings to stakeholders.
  • Support and create third-party risk reports and key risk metrics to assist with the coordination and communication of third-party risks to stakeholders and business partners.
  • Evaluate, document, communicate and drive incident response activities related to a cyber event at a MassMutual Third-Party.
  • Collaborate with stakeholders, business partners, and other subject matter experts to continuously improve the cyber third-party risk processes.
  • Document and maintain policies, procedures, security best practices as related to third-party risk management and effectively communicate any changes to the stakeholder community.


The Minimum Qualifications

  • Associate's degree in cyber security or related field
  • 5+ years of experience in application security, compliance, audit, risk management, or related field


The Ideal Qualifications

  • Bachelor's degree, preferably in computer science, Information Security, Cybersecurity, or related field
  • Master's degree in cyber security or related field.
  • Relevant Cybersecurity Certifications: CISSP, CRISC, CISA, CTPRP, CTPRA.
  • Experience with GRC controls, risk management, compliance practices, IT standards and Financial Services regulations.
  • Working knowledge of NIST 800-53 (National Institute of Standards & Technology) and NIST CSF Controls.
  • Strong knowledge of cybersecurity principles, core frameworks, and industry best practices.
  • Strong oral and written communication skills, proven technical abilities and strong computer skills.
  • Functional knowledge of cloud environments such as AWS and Azure.
  • Proven understanding of complex technical systems and the business processes they support, combined with an ability to synthesize the relevant risks/ controls, and explain the security issues to all stakeholders.
  • Excellent communication skills (verbal and written) to interact effectively, establish credibility and influence at all levels.
  • Strong analytical abilities and critical thinking skills.
  • Ability to compile reports, summaries, and presentations to communicate findings to key stakeholders across the organization.
  • Demonstrated basic project management and documentation skills to manage multiple parallel workstreams.
  • Demonstrated success as a team player with the ability to work in a collaborative, fast-paced environment.
  • Familiarity with GRC platforms such as Archer, ProcessUnity, Onspring, etc.
  • Familiarity with third-party continuous monitoring solutions such as Bitsight, RiskRecon, or Security Scorecard.


What to Expect as Part of MassMutual and the Team

  • Regular meetings within the Cyber Third-Party Team.
  • Focused one-on-one sessions with your manager.
  • Access to mentorship opportunities.
  • Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups.
  • Access to learning content on Degreed and other educational platforms.
  • Your ethics and integrity will be valued by a company with a strong and stable ethical business with industry leading pay and benefits.


#LI-RK1
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
Salary Range: $102,500.00-$134,500.00

Top Skills

Cybersecurity
Information Security

What the Team is Saying

Alex
Nathalie
Asieh
David
Kymberly
Jasmine
The Company
HQ: Springfield, MA
6,000 Employees
Hybrid Workplace
Year Founded: 1851

What We Do

Since 1851, MassMutual’s commitment has always been to help people protect their families, support their communities, and help one another. This is why we want to inspire people to Live Mutual. We’re people helping people.

Together, we’re stronger.

Why Work With Us

MassMutual has the financial security and stability of a 170+ year old company, with the culture and energy of a startup. We work every day with the customer front of mind to build the best digital experience in the industry.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

MassMutual Teams

Team
Boston Campus
About our Teams

MassMutual Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

We believe in capitalizing on the best of being together in our offices as well as personal flexibility. Our workplace philosophy puts office collaboration first, combined with flexibility to work remotely.

Typical time on-site: 3 days a week
Company Office Image
HQSpringfield, MA
Company Office Image
Boston, MA
Company Office Image
New York, NY
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account