The Opportunity

The Director of Security Awareness is responsible for developing, implementing, and managing the organization’s security awareness and training program.

The Team

This individual will lead team efforts to foster a culture of security across the organization, reduce human-related security risks, and ensure employees and stakeholders are educated on best practices for protecting sensitive data and systems.

The Impact

The role requires strategic leadership, creative program development, and the ability to measure and communicate the effectiveness of awareness initiatives.

Key Responsibilities

Program Development and Leadership:

• Design, implement, and manage a comprehensive security awareness and training program tailored to the organization’s needs.
• Align the program with business objectives, regulatory requirements, and industry best practices.
• Promote a security-first culture across all levels of the organization.

Training and Awareness Campaigns:

• Develop engaging training materials and campaigns using various formats (e.g., e-learning modules, in-person workshops, videos, and gamified learning).
• Conduct phishing simulations and other practical exercises to assess and improve employee security behavior.
• Tailor training content for diverse audiences, including executives, technical staff, general employees, and third-party vendors.

Risk Reduction and Behavior Change:

• Identify and address key human-related risks (e.g., phishing, social engineering, password management).
• Measure the impact of training programs on employee behavior and incident reduction.
• Implement strategies to address recurring security vulnerabilities or compliance gaps.

Metrics and Reporting:

• Define and track key performance indicators (KPIs) to evaluate program effectiveness.
• Report on awareness program progress, employee engagement, and risk reduction to senior leadership and the board.
• Use data-driven insights to continuously improve program effectiveness.

Collaboration and Communication:

• Work closely with IT, legal, HR, compliance, and other departments to align awareness initiatives with organizational goals.
• Partner with external vendors and consultants as needed to enhance training content and delivery.
• Act as the primary advocate for security awareness, communicating the importance of cybersecurity to all stakeholders.

Compliance and Regulatory Alignment:

• Ensure the program meets applicable regulatory and compliance requirements (e.g., NIS, NYDFS).
• Maintain documentation to provide evidence of compliance during audits or assessments.
• Stay updated on industry trends, emerging threats, and changes in compliance standards.

Incident Response Integration:

• Collaborate with the incident response team to incorporate lessons learned from security incidents into training materials.
• Ensure employees are educated on how to recognize and respond to potential security incidents.

The Minimum Qualifications

• Bachelor’s degree in information technology, Cyber Security, or a related field
• 8+ years of experience in cybersecurity
• 3+ years in a leadership role focused on security awareness and training

The Preferred Qualifications

• Strong knowledge of cybersecurity principles, threats, and best practices.
• Experience with learning management systems (LMS), phishing simulation tools, and training platforms.
• Excellent communication and presentation skills, with the ability to engage and educate diverse audiences.
• Strong analytical skills for measuring program effectiveness and driving continuous improvement.
• Creative mindset with the ability to design innovative and engaging training campaigns.

Certifications (Preferred):

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Cybersecurity Awareness Professional (CCAP) or equivalent
• SANS Security Awareness Professional (SSAP)
• Certified Security Awareness Practitioner (CSAP)

Key Competencies

• Leadership and team management skills.
• Strong interpersonal and collaboration skills.
• Ability to prioritize and manage multiple projects in a dynamic environment.
• Strategic thinking and problem-solving capabilities.
• Passion for promoting cybersecurity and influencing positive behavior change.

What to Expect as Part of MassMutual and the Team

• Regular meetings with the Awareness & education team
• Focused one-on-one meetings with your manager
• Access to mentorship opportunities
• Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups
• Access to learning content on Degreed and other informational platforms
• Your ethics and integrity will be valued by a company with a strong and stable ethical business with industry leading pay and benefit.

#LI-SC1

Salary Range:

At MassMutual, we focus on ensuring fair equitable pay, by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component.

Why Join Us.

We’ve been around since 1851. During our history, we’ve learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable and ethical business with industry leading pay and benefits. And your voice will always be heard.

We help people secure their future and protect the ones they love. As a company owned by our policyowners, we are defined by mutuality and our vision to put customers first. It’s more than our company structure – it’s our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources, and rely on each other when it counts. At MassMutual, we Live Mutual.

MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.

If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.

At MassMutual, we focus on ensuring fair, equitable pay by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component. For more information about our extensive benefits offerings please check out our Total Rewards at a Glance.