Cyber Third-Party Analyst
Company: MassMutual
Location: Boston
Posted on: November 7, 2024
Job Description:
The OpportunityWe are seeking an experienced Third-Party Analyst
to join our Cyber Third-Party team. You will join a highly
collaborative, fast paced team focused on assessing and mitigating
third-party risk. This role will require collaboration across
multiple disciplines, exceptional communication and documentation
skills, and an exceptional understanding of information security
best practices.The Team:As a member of the team, you will strive to
ensure the protection of MassMutual's customer and corporate data
in line with enterprise risk practices.The Impact:The key
responsibilities as a member of the Cyber Third-party Team include,
but are not limited to, the following:
- Perform third-party risk assessments to ensure third parties
meet minimum security standards based on the overall risk of the
third-party.
- Research and consult with internal subject matter experts to
understand and document risk identified through risk assessments
and due diligence processes; and communicate the findings to
stakeholders.
- Support and create third-party risk reports and key risk
metrics to assist with the coordination and communication of
third-party risks to stakeholders and business partners.
- Evaluate, document, communicate and drive incident response
activities related to a cyber event at a MassMutual
Third-Party.
- Collaborate with stakeholders, business partners, and other
subject matter experts to continuously improve the cyber
third-party risk processes.
- Document and maintain policies, procedures, security best
practices as related to third-party risk management and effectively
communicate any changes to the stakeholder community.The Minimum
Qualifications
- Bachelor's degree, preferably in computer science, Information
Security, Cybersecurity, or related field
- 5+ years of experience in application security, compliance,
audit, risk management, or related fieldThe Ideal Qualifications
- Master's degree in cyber security or related field.
- Relevant Cybersecurity Certifications: CISSP, CRISC, CISA,
CTPRP, CTPRA.
- Experience with GRC controls, risk management, compliance
practices, IT standards and Financial Services regulations.
- Working knowledge of NIST 800-53 (National Institute of
Standards & Technology) and NIST CSF Controls.
- Strong knowledge of cybersecurity principles, core frameworks,
and industry best practices.
- Strong oral and written communication skills, proven technical
abilities and strong computer skills.
- Functional knowledge of cloud environments such as AWS and
Azure.
- Proven understanding of complex technical systems and the
business processes they support, combined with an ability to
synthesize the relevant risks/ controls, and explain the security
issues to all stakeholders.
- Excellent communication skills (verbal and written) to interact
effectively, establish credibility and influence at all
levels.
- Strong analytical abilities and critical thinking skills.
- Ability to compile reports, summaries, and presentations to
communicate findings to key stakeholders across the
organization.
- Demonstrated basic project management and documentation skills
to manage multiple parallel workstreams.
- Demonstrated success as a team player with the ability to work
in a collaborative, fast-paced environment.
- Familiarity with GRC platforms such as Archer, ProcessUnity,
Onspring, etc.
- Familiarity with third-party continuous monitoring solutions
such as Bitsight, RiskRecon, or Security Scorecard.What to Expect
as Part of MassMutual and the Team
- Regular meetings within the Cyber Third-Party Team.
- Focused one-on-one sessions with your manager.
- Access to mentorship opportunities.
- Networking opportunities including access to Asian,
Hispanic/Latinx, African American, women, LGBTQIA+, veteran and
disability-focused Business Resource Groups.
- Access to learning content on Degreed and other educational
platforms.
- Your ethics and integrity will be valued by a company with a
strong and stable ethical business with industry leading pay and
benefits.#LI-RK1MassMutual is an Equal Employment Opportunity
employer Minority/Female/Sexual Orientation/Gender
Identity/Individual with Disability/Protected Veteran. We welcome
all persons to apply. Note: Veterans are welcome to apply,
regardless of their discharge status.
If you need an accommodation to complete the application process,
please contact us and share the specifics of the assistance you
need.
Keywords: MassMutual, Springfield , Cyber Third-Party Analyst, Professions , Boston, Massachusetts
Didn't find what you're looking for? Search again!
Loading more jobs...