Vulnerability Management and Configuration Assurance Analyst
MassMutual
Springfield, MA
The Opportunity We are seeking an experienced Vulnerability Management and Configuration Assurance Engineer to join our Vulnerability Management and Configuration Assurance team. The ideal candidate will have a deep understanding of security principles, vulnerability management and secure baseline configuration monitoring and designing, implementing, and optimizing vulnerability assessment solutions for MassMutual. As an advanced-level engineer, you will collaborate with cross-functional teams to ensure the security posture of our organization meets industry standards and regulatory requirements. The Team The Vulnerability Management and Configuration Assurance (VMCA) team is responsible for identifying, assessing, prioritizing, reporting, and continuous monitoring of vulnerabilities and configuration baseline deficiencies within our organization’s infrastructure, applications, and systems. Our team plays a critical role in maintaining the security posture of the company by proactively managing vulnerabilities that could be exploited by attackers. VMCA is motivated by a shared sense of responsibility to protect the organization’s assets and reputation by knowing our work directly mitigates security threats and prevents potential breaches, strong collaboration with other security and IT teams, continuous learning, innovation, and problem-solving. The culture of VMCA consists of proactive and preventative mindsets, collaboration, cross-disciplinary communication, accountability, ownership, agility, adaptability, inclusivity, knowledge sharing, and transparency. The Impact Your key responsibilities will consist of the following to ensure digital assets are resilient against emerging threats, reducing potential financial and reputational damage from security incidents. Vulnerability Management
- Lead the design, implementation, and continuous improvement of the enterprise vulnerability management program.
- Hands on experience using automated scanning tools (e.g., Qualys, Tenable, Rapid7, Wiz) to identify, assess, report, and track vulnerabilities detected on operating systems, databases, network devices, mobile devices, and cloud services.
- Perform advanced vulnerability assessments across on-premises, cloud, containerized, and hybrid environments.
- Analyze vulnerability scan results, prioritize findings based on risk, exploitability, and business impact.
- Integrate threat intelligence and MITRE ATT&CK mapping to contextualize vulnerabilities and enhance prioritization.
- Collaborate with infrastructure and business information security officers (BISO) teams to drive timely remediation and mitigation.
- Identify and recommend compensating controls when immediate remediation is not feasible.
- Develop and maintain metrics and dashboards to report on vulnerability trends, remediation progress, and risk posture.
- Utilize automated compliance tools to assess and validate configuration compliance for operating systems, databases, network devices, and cloud services.
- Partner with IT and engineering teams to remediate configuration drift and ensure continuous compliance.
- Map configuration assurance controls to regulatory frameworks (e.g., NIST, CIS, ISO 27001, PCI-DSS, HIPAA).
- Maintain documentation of configuration standards and exceptions.
- Leverage data analytics to identify trends, anomalies, and risk concentrations across vulnerability and configuration data.
- Build and maintain dashboards and visualizations using tools such as Tableau, etc.
- Present actionable insights to technical and executive stakeholders to support risk-based decision-making.
- Develop scripts and automation workflows to streamline scanning, reporting, and remediation tracking.
- Integrate vulnerability and configuration data into SIEM, GRC, and ticketing systems.
- Provide executive-level reporting and risk analysis to support strategic decision-making.
- Participate in internal and external audits, ensuring evidence of vulnerability and configuration assurance controls.
- Stay current with emerging threats, vulnerabilities, and security technologies.
- Bachelor's or master's degree in computer science, Cybersecurity, or related field.
- 8+ years of experience in vulnerability management, configuration assurance, or related security engineering roles.
- Relevant security certifications such as CISSP, CISM, OSCP, GIAC (GSEC, GCIH, GCIA, etc.) from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.)
- Hands on experience with vulnerability scanning tools and configuration assessment platforms.
- Familiar with advanced vulnerability management techniques such as continuous threat and exposure management and external attack surface management.
- Deep understanding of CVSS, MITRE ATT&CK, threat modeling, and risk-based prioritization.
- Experience implementing and validating compensating controls in enterprise environments.
- Knowledge of cybersecurity concepts and methods including secure configuration management, data protection, security monitoring, incident response, patch management, governance, enterprise security strategies, and architecture.
- Deep understanding of security vulnerabilities, exploits, and mitigation techniques.
- Strong understanding of risk analysis, vulnerability assessment methodologies, and securing baselines.
- Clear understanding of various operating systems (Windows, Unix, etc.,), secure configuration and build images.
- Experience with cloud platforms (AWS, Azure, GCP), container security (Docker, Kubernetes), and security frameworks specific to cloud environment.
- Familiarity with security best practices, regulatory requirements, and industry frameworks (e.g., NIST, ISO, CIS, etc.).
- Strong scripting skills (Python, PowerShell, Bash) for automation and data manipulation.
- Strong knowledge of networking protocols, firewalls, VPNs, and security measures.
- Strong analytical, problem-solving, communication, and technical writing skills.
- Excellent communication skills and ability to influence cross-functional teams.
- Experience working in large, complex environments.
- Ability to manage multiple projects and tasks effectively, with a proactive and detail-oriented approach.
- Able to translate complex technical issues into simple, easy to understand concepts.
- Regular meetings with the Vulnerability Management and Configuration Assurance team.
- Focused one-on-one meetings with your manager.
- Access to mentorship opportunities.
- Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups.
- Access to learning content on Degreed and other informational platforms.
- Your ethics and integrity will be valued by a company with a strong and stable ethical business with industry leading pay and benefits.
Posted 2026-02-03
Recommended Jobs
Wealth Management Associate
Morgan Stanley
Boston, MA
POSITION SUMMARY: Wealth Management Associates provide exceptional service to our clients and support Financial Advisor(s) (FAs)/ Private Wealth Advisor(s) (PWAs)/ teams on a daily basis. As sen…
View Details
Posted 2026-01-30
Special Education Teacher - Full-time M-F -4
Center for Applied Behavioral Instruction
Worcester, MA
Position Overview: The Center for Applied Behavioral Instruction (CABI) is a growing state of the art educational program for students on the autism spectrum with accompanying behavioral difficulti…
View Details
Posted 2026-02-03
Client Service Associate
Edelman Financial Engines
Burlington, MA
Client Service Associate At Edelman Financial Engines (EFE), our purpose is to guide people with the financial advice they need to thrive. We believe that every dollar saved represents a lifeti…
View Details
Posted 2026-02-02
Head of Marketing
TeamBonding
Stoughton, MA
Reports to: CEO. Works closely with: Fractional CMO (transition + strategic support), Sales Leadership, PR Agency, Podcast Team, External Consultants, VP of Operations. Manages: Marketing Mana…
View Details
Posted 2026-01-29
Equity Research Associate boston, ma gugg
ESRhealthcare
Boston, MA
Equity Research Associate to help cover the Biotechnology sector. This person will be responsible for following the progress of public/private Biotechnology companies and will support the research te…
View Details
Posted 2025-12-08
Welder / Fabricator
Consolidated Sterilizer Systems
Billerica, MA
Welder / Fabricator Department(s): Manufacturing Job Summary: Consolidated Sterilizer Systems is a small but growing company that designs and manufactures steam sterilizers (autoclaves) at our faci…
View Details
Posted 2026-01-26
Caregiver for senior citizens. Cape Cod
Guardian Angel Senior Services
Massachusetts
Training provided Guardian Angel Senior Services is hiring caregivers to help senior citizens live safely and comfortably at home. Duties and Responsibilities: Assist with daily tasks like dr…
View Details
Posted 2026-01-09
Tax Manager
Baker Newman Noyes LLC
Boston, MA
About Us Baker Newman Noyes (BNN) is a top 100 tax, assurance, and advisory firm in the U.S. and holds a Best of Accounting™ recognition for superior client service. BNN was founded to create opportu…
View Details
Posted 2026-01-28
Regional Account Manager (RAM) - Boston, MA
Cogent Communications, Inc.
Boston, MA
Company: Cogent Communications is a multinational, Tier 1 facilities-based ISP, consistently ranked as one of the top five networks in the world and is publicly traded on the NASDAQ Stock Market unde…
View Details
Posted 2026-01-28
Property Accountant
ProPivotal Staffing
Boston, MA
Property Accountant Why Join Our Team? Join a rapidly expanding real estate firm with a diverse property portfolio Opportunities for career advancement within the real estate indu…
View Details
Posted 2026-01-07