MassMutual

Vulnerability Management and Configuration Assurance Analyst

MassMutual, Springfield, Massachusetts, US, 01119

The Opportunity

We are seeking an experienced Vulnerability Management and Configuration Assurance Engineer to join our Vulnerability Management and Configuration Assurance team. The ideal candidate will have a deep understanding of security principles, vulnerability management, and secure baseline configuration monitoring, as well as of designing, implementing, and optimizing vulnerability assessment solutions for MassMutual. As an advanced-level engineer, you will collaborate with cross-functional teams to ensure the security posture of our organization meets industry standards and regulatory requirements.

The Team

The Vulnerability Management and Configuration Assurance (VMCA) team is responsible for identifying, assessing, prioritizing, reporting, and continuously monitoring vulnerabilities and configuration baseline deficiencies within our organization’s infrastructure, applications, and systems. Our team plays a critical role in maintaining the security posture of the company by proactively managing vulnerabilities that could be exploited by attackers. VMCA is motivated by a shared sense of responsibility to protect the organization’s assets and reputation, knowing that our work directly mitigates security threats and prevents potential breaches, and by strong collaboration with other security and IT teams, continuous learning, innovation, and problem-solving.

The Impact

Your key responsibilities will consist of the following to ensure digital assets are resilient against emerging threats, reducing potential financial and reputational damage from security incidents.

Vulnerability Management

- Lead the design, implementation, and continuous improvement of the enterprise vulnerability management program.
- Hands-on experience using automated scanning tools (e.g., Qualys, Tenable, Rapid7, Wiz) to identify, assess, report, and track vulnerabilities detected on operating systems, databases, network devices, mobile devices, and cloud services.
- Perform advanced vulnerability assessments across on-premises, cloud, containerized, and hybrid environments.
- Analyze vulnerability scan results, prioritize findings based on risk, exploitability, and business impact.
- Integrate threat intelligence and MITRE ATT&CK mapping to contextualize vulnerabilities and enhance prioritization.
- Collaborate with infrastructure and BISO teams to drive timely remediation and mitigation.
- Identify and recommend compensating controls when immediate remediation is not feasible.
- Develop and maintain metrics and dashboards to report on vulnerability trends, remediation progress, and risk posture.

Configuration Assurance

- Utilize automated compliance tools to assess and validate configuration compliance for operating systems, databases, network devices, and cloud services.
- Partner with IT and engineering teams to remediate configuration drift and ensure continuous compliance.
- Map configuration assurance controls to regulatory frameworks (e.g., NIST, CIS, ISO 27001, PCI-DSS, HIPAA).
- Maintain documentation of configuration standards and exceptions.

Data Analytics & Visualization

- Leverage data analytics to identify trends, anomalies, and risk concentrations across vulnerability and configuration data.
- Build and maintain dashboards and visualizations using tools such as Tableau.
- Present actionable insights to technical and executive stakeholders to support risk-based decision-making.

Tooling & Automation

- Develop scripts and automation workflows to streamline scanning, reporting, and remediation tracking.
- Integrate vulnerability and configuration data into SIEM, GRC, and ticketing systems.

Governance & Reporting

- Provide executive-level reporting and risk analysis to support strategic decision-making.
- Participate in internal and external audits, ensuring evidence of vulnerability and configuration assurance controls.
- Stay current with emerging threats, vulnerabilities, and security technologies.

The Minimum Qualifications

- Bachelor’s or master’s degree in Computer Science, Cybersecurity, or related field.
- 8+ years of experience in vulnerability management, configuration assurance, or related security engineering roles.
- Relevant security certifications such as CISSP, CISM, OSCP, GIAC (GSEC, GCIH, GCIA, etc.).

The Ideal Qualifications

- Hands-on experience with vulnerability scanning tools and configuration assessment platforms.
- Familiar with advanced vulnerability management techniques such as continuous threat and exposure management and external attack surface management.
- Deep understanding of CVSS, MITRE ATT&CK, threat modeling, and risk-based prioritization.
- Experience implementing and validating compensating controls in enterprise environments.
- Knowledge of cybersecurity concepts including secure configuration management, data protection, security monitoring, incident response, patch management, governance, and enterprise security strategies.
- Strong scripting skills (Python, PowerShell, Bash) for automation and data manipulation.
- Strong knowledge of networking protocols, firewalls, VPNs, and security measures.
- Excellent communication and technical writing skills, with the ability to influence cross-functional teams.
- Experience working in large, complex environments and managing multiple projects with a proactive, detail-oriented approach.
- Able to translate complex technical issues into simple concepts.

What to Expect as Part of MassMutual and the Team

- Regular meetings with the Vulnerability Management and Configuration Assurance team.
- Focused one-on-one meetings with your manager.
- Access to mentorship opportunities.
- Networking opportunities with diverse Business Resource Groups.
- Access to learning content on Degreed and other platforms.
- Extensive ethics and competitive pay and benefits.

MassMutual is an equal employment opportunity employer. We welcome all persons to apply. If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.