Vulnerability Management and Configuration Assurance Analyst
Company: MassMutual
Location: Hartford
Posted on: March 6, 2026
Job Description:

Vulnerability Management and Configuration Assurance Analyst
Vulnerability Management and Configuration Assurance (VMCA), Enterprise Cyber Security
Full-Time, Hybrid (Springfield, MA, Boston, MA, New York, NY)

The Opportunity

We are seeking an experienced Vulnerability Management and Configuration
Assurance Engineer to join our Vulnerability Management and
Configuration Assurance team. The ideal candidate will have a deep
understanding of security principles, vulnerability management, and
secure baseline configuration monitoring, and of designing,
implementing, and optimizing vulnerability assessment solutions for
MassMutual. As an advanced-level engineer, you will collaborate
with cross-functional teams to ensure the security posture of our
organization meets industry standards and regulatory requirements.

The Team

The Vulnerability Management and Configuration Assurance
(VMCA) team is responsible for identifying, assessing,
prioritizing, reporting, and continuous monitoring of
vulnerabilities and configuration baseline deficiencies within our
organization’s infrastructure, applications, and systems. Our team
plays a critical role in maintaining the security posture of the
company by proactively managing vulnerabilities that could be
exploited by attackers.

VMCA is motivated by a shared sense of
responsibility to protect the organization’s assets and reputation,
knowing that our work directly mitigates security threats and
prevents potential breaches, and by strong collaboration with other
security and IT teams, continuous learning, innovation, and
problem-solving. The culture of VMCA consists of proactive and
preventative mindsets, collaboration, cross-disciplinary
communication, accountability, ownership, agility, adaptability,
inclusivity, knowledge sharing, and transparency.

The Impact:

Your key responsibilities will consist of the following to ensure
digital assets are resilient against emerging threats, reducing
potential financial and reputational damage from security
incidents.

Vulnerability Management
- Lead the design, implementation, and continuous improvement of the
  enterprise vulnerability management program.
- Hands-on experience using automated scanning tools (e.g., Qualys,
  Tenable, Rapid7, Wiz) to identify, assess, report, and track
  vulnerabilities detected on operating systems, databases, network
  devices, mobile devices, and cloud services.
- Perform advanced vulnerability assessments across on-premises, cloud,
  containerized, and hybrid environments.
- Analyze vulnerability scan results and prioritize findings based on
  risk, exploitability, and business impact.
- Integrate threat intelligence and MITRE ATT&CK mapping to
  contextualize vulnerabilities and enhance prioritization.
- Collaborate with infrastructure and business information security
  officers (BISO) teams to drive timely remediation and mitigation.
- Identify and recommend compensating controls when immediate
  remediation is not feasible.
- Develop and maintain metrics and dashboards to report on
  vulnerability trends, remediation progress, and risk posture.

Configuration Assurance
- Utilize automated compliance tools to assess and validate
  configuration compliance for operating systems, databases, network
  devices, and cloud services.
- Partner with IT and engineering teams to remediate configuration
  drift and ensure continuous compliance.
- Map configuration assurance controls to regulatory frameworks
  (e.g., NIST, CIS, ISO 27001, PCI-DSS, HIPAA).
- Maintain documentation of configuration standards and exceptions.

Data Analytics & Visualization
- Leverage data analytics to identify trends, anomalies, and risk
  concentrations across vulnerability and configuration data.
- Build and maintain dashboards and visualizations using tools such as
  Tableau, etc.
- Present actionable insights to technical and executive stakeholders
  to support risk-based decision-making.

Tooling & Automation
- Develop scripts and automation workflows to streamline scanning,
  reporting, and remediation tracking.
- Integrate vulnerability and configuration data into SIEM, GRC, and
  ticketing systems.

Governance & Reporting
- Provide executive-level reporting and risk analysis to support
  strategic decision-making.
- Participate in internal and external audits, ensuring evidence of
  vulnerability and configuration assurance controls.
- Stay current with emerging threats, vulnerabilities, and security
  technologies.

The Minimum Qualifications
- 8 years of experience in vulnerability management, configuration
  assurance, or related security engineering roles.
- Relevant security certifications such as CISSP, CISM, OSCP, GIAC
  (GSEC, GCIH, GCIA, etc.) from an industry-recognized certifier
  (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.)

The Ideal Qualifications
- Hands-on experience with vulnerability scanning tools and
  configuration assessment platforms.
- Familiar with advanced vulnerability management techniques such as
  continuous threat and exposure management and external attack surface
  management.
- Deep understanding of CVSS, MITRE ATT&CK, threat modeling, and
  risk-based prioritization.
- Experience implementing and validating compensating controls in
  enterprise environments.
- Knowledge of cybersecurity concepts and methods including secure
  configuration management, data protection, security monitoring,
  incident response, patch management, governance, enterprise
  security strategies, and architecture.
- Deep understanding of security vulnerabilities, exploits, and
  mitigation techniques.
- Strong understanding of risk analysis, vulnerability assessment
  methodologies, and securing baselines.
- Clear understanding of various operating systems (Windows, Unix,
  etc.), secure configuration and build images.
- Experience with cloud platforms (AWS, Azure, GCP), container security
  (Docker, Kubernetes), and security frameworks specific to cloud
  environments.
- Familiarity with security best practices, regulatory requirements,
  and industry frameworks (e.g., NIST, ISO, CIS, etc.).
- Strong scripting skills (Python, PowerShell, Bash) for automation and
  data manipulation.
- Strong knowledge of networking protocols, firewalls, VPNs, and
  security measures.
- Strong analytical, problem-solving, communication, and technical
  writing skills.
- Excellent communication skills and ability to influence
  cross-functional teams.
- Experience working in large, complex environments.
- Ability to manage multiple projects and tasks effectively, with a
  proactive and detail-oriented approach.
- Able to translate complex technical issues into simple,
  easy-to-understand concepts.

MassMutual is an equal employment opportunity employer. We welcome
all persons to apply. If you need an accommodation to complete the
application process, please contact us and share the specifics of
the assistance you need. California residents: For detailed
information about your rights under the California Consumer Privacy
Act (CCPA), please visit our California Consumer Privacy Act
Disclosures page.
Keywords: MassMutual, Stratford, Vulnerability Management and Configuration Assurance Analyst, IT / Software / Systems, Hartford, Connecticut