932 IT & Software Developer jobs in the US
C / C++ Developer Jobs in the US
C / C++
.NET Developer Jobs in the US
C#.NET
Data Science & Engineering Jobs in the US
Data
Golang Developer Jobs in the US
Golang
Java Developer Jobs in the US
Java
JavaScript Developer Jobs in the US
JavaScript
Mobile app Developer Jobs in the US
Mobile
PHP Developer Jobs in the US
PHP
Python Developer Jobs in the US
Python
Ruby on Rails Developer Jobs in the US
Ruby
SAP Developer Jobs in the US
SAP
System Engineer Jobs in the US
System
DevOps Engineer Jobs in the US
DevOps
IT & ICT Jobs in the US
IT
Database Developer Jobs in the US
Database
QA, Software Tester Jobs in the US
QA, Test
Machine-Learning Developer Jobs in the US
ML, AI
Security Engineer Jobs in the US
Security
Network Engineer Jobs in the US
Network
GameDev Developer Jobs in the US
GameDev
Blockchain Developer Jobs in the US
Blockchain
UI / UX Designer Jobs in the US
UX, UI
Architect Specialist Jobs in the US
Architect
Product / Project Manager Jobs in the US
Business
IT Management Jobs in the US
Manager
IT Support Jobs in the US
Support
Rust Developer Jobs in the US
Rust
Hardware Engineer Jobs in the US
Hardware
No-Code Developer Jobs in the US
No-Code

MassMutual jobs

Vulnerability Management Analyst

$105,000 - 149,000
MassMutual
Capitol Avenue 410, HARTFORD
$105,000 - 149,000
Company Size icon
Company Size
5k+
Company Type icon
Company Type
Services
Exp Level icon
Exp Level
Senior
Job Type icon
Job Type
Full-Time
Language icon
Language
English
Visa sponsorship icon
Visa sponsorship
No

Requirements

Must:
- Bachelors or masters degree in computer science, cybersecurity, or a related discipline. - Over 8 years of experience in vulnerability management, configuration assurance, or comparable security engineering roles. - Relevant security certifications such as CISSP, CISM, OSCP, GIAC (GSEC, GCIH, GCIA, etc.) from recognized industry bodies (e.g., SANS/GIAC, CompTIA, ISACA, ISC2). - Proficiency with vulnerability scanning tools and configuration assessment platforms. - Familiarity with advanced vulnerability management strategies including continuous threat and exposure management and external attack surface management. - Comprehensive knowledge of CVSS, MITRE ATT&CK, threat modeling, and risk-based prioritization. - Experience in implementing and validating compensating controls in enterprise settings. - Understanding of cybersecurity principles including secure configuration management, data protection, security monitoring, incident response, patch management, governance, and enterprise security frameworks. - Deep familiarity with security vulnerabilities, exploits, and mitigation strategies. - Strong comprehension of risk analysis, vulnerability assessment methodologies, and secure baselining. - Knowledge of various operating systems (Windows, Unix, etc.) and secure configuration practices. - Experience with cloud platforms (AWS, Azure, GCP), container security (Docker, Kubernetes), and cloud-specific security frameworks. - Awareness of security best practices and compliance requirements (e.g., NIST, ISO, CIS). - Proficient scripting skills (Python, PowerShell, Bash) for automation and data processing. - Solid understanding of networking protocols, firewalls, VPNs, and security measures. - Strong analytical, problem-solving, communication, and technical writing abilities. - Excellent communication capabilities and the ability to influence teams across functions. - Experience in operating within large, complex organizational structures. - Ability to manage multiple projects and responsibilities effectively with attention to detail. - Skill in simplifying intricate technical challenges into clear, understandable concepts.

Technologies

AWS
Azure
Bash
Cloud
Docker
GCP
Support
Kubernetes
Mobile
Network
PowerShell
Python
Security
Tableau
Unix

Responsibilities

- Lead the development, implementation, and ongoing enhancement of the enterprise vulnerability management program. - Use automated scanning tools (e.g., Qualys, Tenable, Rapid7, Wiz) to identify, evaluate, report, and monitor vulnerabilities across operating systems, databases, network devices, mobile devices, and cloud services. - Conduct advanced vulnerability assessments in on-premises, cloud, container, and hybrid environments. - Analyze vulnerability scan findings, prioritizing them based on risk, exploitability, and business impact. - Integrate threat intelligence and MITRE ATT&CK mappings to provide context for vulnerabilities and improve prioritization. - Work closely with infrastructure and business information security officers (BISO) to ensure prompt remediation and mitigation efforts. - Suggest and implement compensating controls when immediate remediation is impractical. - Create and manage metrics and dashboards to report on vulnerability trends, remediation progress, and overall risk posture. - Utilize automated compliance tools to verify configuration compliance for operating systems, databases, network devices, and cloud services. - Collaborate with IT and engineering departments to address configuration drift and guarantee continuous compliance. - Align configuration assurance controls with key regulatory frameworks (e.g., NIST, CIS, ISO 27001, PCI-DSS, HIPAA). - Keep accurate documentation of configuration standards and any exceptions. - Use data analytics to spot trends, anomalies, and risks across vulnerability and configuration datasets. - Develop and maintain dashboards and visualizations using tools like Tableau. - Present actionable insights to both technical and executive audiences to inform risk-based decision-making. - Automate processes by creating scripts and workflows to enhance scanning, reporting, and remediation tracking. - Incorporate vulnerability and configuration data into SIEM, GRC, and ticketing systems. - Provide executive-level reports and risk analyses to guide strategic decision-making. - Involve in both internal and external audit processes, ensuring evidence is available for vulnerability and configuration controls compliance. - Stay updated on emerging threats, vulnerabilities, and advancements in security technologies.

Description


We are an organization dedicated to safeguarding our digital and operational assets, and we are searching for an experienced Vulnerability Management and Configuration Assurance Engineer to enhance our Vulnerability Management and Configuration Assurance team. Our work is integral to the companys security posture, actively identifying and managing vulnerabilities to prevent potential breaches. We foster a culture of collaboration, accountability, and continuous learning. We offer a vibrant work environment, mentorship opportunities, and access to numerous Business Resource Groups that support diverse communities. Join us, and be part of a team that values ethics, integrity, and expertise, all while providing industry-leading compensation and benefits.
Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the USDevOps Engineer jobs in the USDevOps Engineer jobs Hartford, CT
You can find DevOps salaries in the United States here.

How many DevOps jobs are in the United States?

Currently, there are 932 DevOps openings. Check also: Cloud jobs, AWS jobs, Azure jobs, GCP jobs, Kubernetes jobs, Docker jobs, Terraform jobs - all with salary brackets.

Is the US a good place for DevOps?

The US is one of the best countries to work as a DevOps. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for DevOps jobs in the United States?

Sched LLC, Jump, Snaplii, Meitou Inc., Freedom Pet Supplies, Infoya Inc., GE Aerospace among others, are currently hiring for DevOps roles in the United States.

The company with most openings is Boeing as they are hiring for 70 different DevOps jobs in the United States. They are probably quite committed to find good DevOps.