Business Information Security Officer
The Business Information Security Officer (BISO) sits within MassMutual’s Enterprise Technology Experience (ETX) division, within the Enterprise Cyber Security (ECS) department, and provides cyber security risk understanding and enables sound cyber risk decision making through the development and maintenance of a relevant, transparent, proactive, and actionable cyber risk landscape.
The BISO enables cyber security risk reduction by working collaboratively with business partners, at all levels, and Enterprise Cyber Security (ECS) Programs to identify, prioritize and mitigate cyber-security risks.
What success looks like:
Act as a trusted advisor to the lines of business they support within a defined coverage model, adding value as an extended member of each line of business’s leadership team.
Understand strategic goals and embed cyber risk management into the culture of the line of business, acting as a feedback loop across ECS, ETX and the enterprise.
Acts as a trusted advisor to ECS Programs to enable the successful implementation of cyber security controls, and is responsible for ensuring the success of each program and their success key performance indicators (KPIs) and objectives and key results (OKRs).
Creates opportunities for information sharing, in line with core business acumen competency goals for the department and the company as a whole.
The Minimum Qualifications:
5 years in Cyber Security, Technology Risk Management, Cyber Security Program Management or a related field
Exceptional relationship management – building and maintaining collaborative partnerships across all levels of an organization
Proven ability to articulate the why and to enable fact-based decision making.
Excellence in Execution – Ensuring commitments are met and ensuring key stakeholders are constantly informed of status.
Strong leadership qualities and business acumen and an ability to communicate with all levels of the organization
Sound business judgment and decision-making skills
Strong communication and interpersonal skills
Self-starter who is willing to take on new challenges in response to the changing cyber threat landscape
Ability to work east coast hours
Ability to travel occasionally to Boston, MA; Springfield, MA; and NY, NY.
The Ideal Qualifications:
7 years in Cyber Security, Technology Risk Management, Cyber Security Program Management or a related field
Experience with all aspects of cyber-security risk including – identification, analysis, quantification, and remediation strategies
Excellent written and verbal communication skills
Demonstrated success in guiding and influencing sound cyber risk and security remediation strategies aligned with core business objectives and risk appetite
Ability to deal with the ambiguity associated with working in a fast-paced and changing environment
Experience or knowledge in life insurance and/or financial services products and services
To apply for this job email your details to email@example.com