MassMutual
Application Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About MassMutual
MassMutual, or Massachusetts Mutual Life Insurance Company, is a prominent mutual life insurance company founded in 1851 in Springfield, Massachusetts. As a mutual company, it is owned by its policyholders and focuses on serving their long-term financial interests. The company offers a wide range of financial products and services, including various life insurance policies, annuities, disability income insurance, long-term care insurance, retirement planning products, mutual funds, and trust services. These offerings are designed to help individuals and families secure their financial future and plan for long-term stability. MassMutual serves over ten million clients through more than 1,200 offices across the United States and internationally in several countries. It is recognized for its financial strength and stability, consistently earning high ratings in the industry. The company is also committed to diversity and inclusion in the workplace.
Security at MassMutual
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- MassMutual's corporate security philosophy emphasizes securing customer and company data daily.
- They focus on investing in cybersecurity talent through ongoing education and training.
- Their teams continuously monitor information systems and risk factors.
- The Application Security team's mission is to ensure the security of MassMutual applications, collaborating with the SDLC Council to develop and maintain secure coding standards.
- They partner with DevOps teams to implement security within CI/CD, leverage automated tools and manual testing techniques, and require familiarity with SAST, DAST, and IAST tools.
Security Team
Eric Boateng was named "Head of Enterprise Cyber Security" (as of), responsible for leading the company's cybersecurity and cyber risk management strategies. He is also referred to as "Chief Information Security Officer & Head of Enterprise Cyber Security at MassMutual". An "Application Security team" exists, focused on identifying, risk assessing, prioritizing, reporting, remediation guidance, and continuously monitoring applications for vulnerabilities. This team comprises individuals with diverse backgrounds, from software engineering to red teaming. The exact AppSec team size, reporting lines, and the current count of active AppSec job postings at the org level are not publicly available.
Key Initiatives
MassMutual's AppSec initiatives include secure SDLC involvement, where they collaborate with the SDLC Council to develop and maintain secure coding standards. They practice 'shift-left' by partnering with DevOps teams to implement security within CI/CD. Their vulnerability management process involves activities to identify, risk assess, prioritize, report, provide remediation guidance, and continuously monitor applications for vulnerabilities. They conduct detailed threat modeling and perform in-depth security assessments, including vulnerability scanning and code reviews. No public evidence was found for a Security Champions program or specific SLAs, MTTRs, or ticketing platform details. Also, no recent AppSec-specific initiatives (last 6 months) were publicly announced.