Data Protection Information Risk Specialist

Who We Are – MassMutual

As the complexity in the world continues to increase, it’s getting hard to get simple. At MassMutual, our vision is to help people secure their future and protect the ones they love. Within MassMutual Technology, we have undergone some recent changes to simplify our organization to deliver on this vision. We will be a dependable partner to our businesses by providing high quality IT services on time and within budget. We will do so by simplifying our architecture to focus on strategically valuable technologies, investing in our people to equip them with skills of the future, and promoting a culture of ownership and delivery.

The Opportunity

Do you want to be part of a team that encourages your growth, supports your ambitions and makes it a priority for you to reach your goals? Is helping people part of who you are? At MassMutual, we help millions of people find financial freedom, offer financial protection and plan for the future. We do this by building trust with our customers by being knowledgeable problem solvers and prioritize their needs above all else. We Live Mutual.

Job Description:
 

• Strong communicator spanning both technical and with business stakeholders
• Possess a strong IT or DevOps background with knowledge of several key security practice areas: data loss prevention, security analytics, applications security
• Demonstrated passion and talent for continuous learning while aligning security architecture, plans, controls, processes, policies and procedures with security standards and operational goals
• Works on complex problems that include analysis of situations and data
• Assist in evaluating, planning and assessing 'best-in-class' technologies and frameworks to drive continuous improvement in our security posture
• Help drive and improve MassMutual’s Cyber Security posture to limit exposure to data risks and areas of exploitation
• Demonstrated ability to evaluate and create traditional and non-traditional security controls
• Act as a subject matter expert on standards, control procedures, and technology by remaining aware of industry trends and best practices.
• Innovation: Continually look within and beyond their job, anticipating business needs and opportunities

Responsibilities:

• Generate innovative ideas and challenge the status quo
• Stay abreast of new trends and attack vectors
• Demonstrate teamwork with data protection engineering, security architecture, IT, data governance, privacy and compliance
• Think with a security mindset while successfully analyzing business risk and remediation effort, to prioritize efforts and projects
• Support current and future data protection technologies, while working with our internal customers to enhance the protection capabilities of those tools
• Work closely with enterprise architecture and data protection engineering to ensure there are clear plans to mitigate potential threats of data compromise through the analysis and deployment of tools for:
  • Encryption & Key Management
  • Data De-identification
  • Data Discovery
  • Classification and persistent Tagging and Labelling
• Assist the triage of potential incidents and/or control breaks to the MassMutual network and systems
• Stay abreast of new security research on threats and remediation techniques/ technology, make recommendations
• Assist and support remediation activities stemming from security event analysis, vulnerability management and intrusion detection
• Help in educating the workforce on information security through training and building awareness.
• Resilience: Adapt and thrive in complex, uncertain and changing situations.

Requirements:

• Bachelor’s Degree in information technology or associated discipline preferred
• 5 years of experience in data protection and information security
• Knowledge and experience with Encryption and Key Management solutions, Data Classification
• Familiarity with DLP and CASB solutions is a plus.
• Familiarity with privacy regulations, information security industry standards
• Good understanding of data classification standards and controls requirements
• Excellent written and oral communication skills; ability to problem solve with little to no supervision
• Excellent troubleshooting skills
• Looks for and finds ways to improve operations
• Focus on the Customer: We understand our customers well and look for every opportunity to deliver an experience that is clear, easy, personal, human, empowering and trustworthy.
• Act with Integrity: We deliver on our promises by being open, honest and humble and by adhering to the letter and spirit of applicable laws, rules, regulations and company policies.
• Value People: We respect and learn from each other’s diverse backgrounds, experiences and ideas. We engage and develop people to their greatest potential.
• Work Collaboratively: We work together to achieve results by actively listening, seeking, understanding and creating solutions as a unified team driving toward one company, one culture, and one brand.
• Achieve Results: We focus on winning by exceeding expectations and getting better – everyone, every day.