Cyber Third-Party Analyst

The Opportunity We are seeking an experienced Third-Party Analyst to join our Cyber Third-Party team. You will join a highly collaborative, fast paced team focused on assessing and mitigating third-party risk. This role will require collaboration across multiple disciplines, exceptional communication and documentation skills, and an exceptional understanding of information security best practices. The Team: As a member of the team, you will strive to ensure the protection of MassMutual’s customer and corporate data in line with enterprise risk practices. The Impact: The key responsibilities as a member of the Cyber Third-party Team include, but are not limited to, the following: Perform third-party risk assessments to ensure third parties meet minimum security standards based on the overall risk of the third-party. Research and consult with internal subject matter experts to understand and document risk identified through risk assessments and due diligence processes; and communicate the findings to stakeholders. Support and create third-party risk reports and key risk metrics to assist with the coordination and communication of third-party risks to stakeholders and business partners. Evaluate, document, communicate and drive incident response activities related to a cyber event at a MassMutual Third-Party. Collaborate with stakeholders, business partners, and other subject matter experts to continuously improve the cyber third-party risk processes. Document and maintain policies, procedures, security best practices as related to third-party risk management and effectively communicate any changes to the stakeholder community. The Minimum Qualifications Bachelor’s degree, preferably in computer science, Information Security, Cybersecurity, or related field 5+ years of experience in application security, compliance, audit, risk management, or related field The Ideal Qualifications Master’s degree in cyber security or related field. Relevant Cybersecurity Certifications: CISSP, CRISC, CISA, CTPRP, CTPRA. Experience with GRC controls, risk management, compliance practices, IT standards and Financial Services regulations. Working knowledge of NIST 800-53 (National Institute of Standards & Technology) and NIST CSF Controls. Strong knowledge of cybersecurity principles, core frameworks, and industry best practices. Strong oral and written communication skills, proven technical abilities and strong computer skills. Functional knowledge of cloud environments such as AWS and Azure. Proven understanding of complex technical systems and the business processes they support, combined with an ability to synthesize the relevant risks/ controls, and explain the security issues to all stakeholders. Excellent communication skills (verbal and written) to interact effectively, establish credibility and influence at all levels. Strong analytical abilities and critical thinking skills. Ability to compile reports, summaries, and presentations to communicate findings to key stakeholders across the organization. Demonstrated basic project management and documentation skills to manage multiple parallel workstreams. Demonstrated success as a team player with the ability to work in a collaborative, fast-paced environment. Familiarity with GRC platforms such as Archer, ProcessUnity, Onspring, etc. Familiarity with third-party continuous monitoring solutions such as Bitsight, RiskRecon, or Security Scorecard. What to Expect as Part of MassMutual and the Team Regular meetings within the Cyber Third-Party Team. Focused one-on-one sessions with your manager. Access to mentorship opportunities. Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups. Access to learning content on Degreed and other educational platforms. Your ethics and integrity will be valued by a company with a strong and stable ethical business with industry leading pay and benefits. #LI-RK1 MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status. If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.