Massachusetts Mutual Life Insurance Company (MassM
Vulnerability Management and Configuration Assurance Engineer
Massachusetts Mutual Life Insurance Company (MassM, New York, NY
The Team
The Vulnerability Management and Configuration Assurance (VMCA) team is responsible for identifying, assessing, prioritizing, reporting, and continuous monitoring of vulnerabilities and configuration baseline deficiencies within our organization's infrastructure, applications, and systems. Our team plays a critical role in maintaining the security posture of the company by proactively managing vulnerabilities that could be exploited by attackers.
The Impact
VMCA is motivated by a shared sense of responsibility to protect the organization's assets and reputation by knowing our work directly mitigates security threats and prevents potential breaches, strong collaboration with other security and IT teams, continuous learning, innovation, and problem-solving. The culture of VMCA consists of proactive and preventative mindsets, collaboration, cross-disciplinary communication, accountability, ownership, agility, adaptability, inclusivity, knowledge sharing, and transparency.
Roles & Responsibilities:
Key responsibilities will consist of the following to ensure digital assets are resilient against emerging threats, reducing potential financial and reputation damage from security incidents:
The Minimum Qualifications
The Ideal Qualifications
What to Expect as Part of MassMutual and the Team
#LI-SC1
Salary Range:
$107,700.00-$141,300.00
At MassMutual, we focus on ensuring fair equitable pay, by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component.
Why Join Us.
We've been around since 1851. During our history, we've learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable and ethical business with industry leading pay and benefits. And your voice will always be heard.
We help people secure their future and protect the ones they love. As a company owned by our policyowners, we are defined by mutuality and our vision to put customers first. It's more than our company structure - it's our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources, and rely on each other when it counts. At MassMutual, we Live Mutual.
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
At MassMutual, we focus on ensuring fair, equitable pay by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component. For more information about our extensive benefits offerings please check out our Total Rewards at a Glance.
The Vulnerability Management and Configuration Assurance (VMCA) team is responsible for identifying, assessing, prioritizing, reporting, and continuous monitoring of vulnerabilities and configuration baseline deficiencies within our organization's infrastructure, applications, and systems. Our team plays a critical role in maintaining the security posture of the company by proactively managing vulnerabilities that could be exploited by attackers.
The Impact
VMCA is motivated by a shared sense of responsibility to protect the organization's assets and reputation by knowing our work directly mitigates security threats and prevents potential breaches, strong collaboration with other security and IT teams, continuous learning, innovation, and problem-solving. The culture of VMCA consists of proactive and preventative mindsets, collaboration, cross-disciplinary communication, accountability, ownership, agility, adaptability, inclusivity, knowledge sharing, and transparency.
Roles & Responsibilities:
Key responsibilities will consist of the following to ensure digital assets are resilient against emerging threats, reducing potential financial and reputation damage from security incidents:
- Collaborate with internal architecture teams to continuously improve the vulnerability management tool(s) architecture and strategies tailored to enterprise needs.
- Collaborate with internal solution architects to design scalable, efficient solutions that integrate with existing IT and security infrastructures.
- Oversee the vulnerability management tool(s) and its integrations ensuring minimal impact to end-users, data accuracy and completeness, and visibility.
- Design, implement, and optimize the enterprise vulnerability management tool.
- Continuously evaluate current and potential toolset, ensuring we are meeting requirements, identifying gaps, and planning for resolutions.
- Develop and maintain security metrics and reporting dashboards to track tool effectiveness.
- Provide expert guidance and mentorship to junior members of the team.
- Ensure compliance with relevant regulations and security frameworks (e.g., NIST, ISO 27001, NY DFS, etc.)
- Identify issues and/or defects with tools, perform troubleshooting, and engage with vendors as needed for resolution.
- Focus on continuous process improvement and identify opportunities for automation.
- Develop and manage standard operating procedures for maintaining the operation of the vulnerability management tool(s) and integrations.
- Work in a dynamic cross-function environment, partnering with technology and security teams to align practices and tools.
The Minimum Qualifications
- Bachelor's degree
- Minimum of 5+ years of expertise in cybersecurity with a focus on vulnerability and configuration management tools or similar disciplines.
The Ideal Qualifications
- Advanced degree in engineering, computer science, information security, or a related field.
- Relevant security certifications such as CISSP, CEH, CVA, Security+, OSCP, etc., from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.)Strong knowledge of vulnerability scanning tools (Qualys, Nessus, Rapid7, etc.).
- Experience with using vulnerability remediation workflow automation tools (e.g., ServiceNow CMDB and SecOps module).
- Knowledge of cybersecurity concepts and methods including, but not limited to secure configuration management, data protection, security monitoring, incident response, patch management, governance, enterprise security strategies and architecture.
- Deep understanding of security vulnerabilities, exploits, and mitigation techniques.
- Strong understanding of risk analysis, vulnerability assessment methodologies, and securing baselines.
- Clear understanding of various operating systems (Windows, Unix, etc.,), secure configuration and build images.
- Experience with cloud platforms (AWS, Azure, GCP) and security frameworks specific to cloud environment.
- Familiarity with security best practices, regulatory requirements, and industry frameworks (e.g., NIST, ISO, CIS, etc.,).
- Experience with automation, scripting, and orchestration (Python, PowerShell, etc.)
- Strong knowledge of networking protocols, firewalls, VPNs, and security measures.
- Strong analytical, problem-solving, communication, and technical writing skills.
- Experience working with in large, complex environments.
- Ability to manage multiple projects and tasks effectively, with a proactive and detail-oriented approach.
- Able to translate complex technical issues into simple, easy to understand concepts.
What to Expect as Part of MassMutual and the Team
- Regular meetings with the Vulnerability Management and Configuration Assurance team.
- Focused one-on-one meetings with your manager.
- Access to mentorship opportunities.
- Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups.
- Access to learning content on Degreed and other informational platforms.
- Your ethics and integrity will be valued by a company with a strong and stable ethical business with industry leading pay and benefits.
#LI-SC1
Salary Range:
$107,700.00-$141,300.00
At MassMutual, we focus on ensuring fair equitable pay, by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component.
Why Join Us.
We've been around since 1851. During our history, we've learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable and ethical business with industry leading pay and benefits. And your voice will always be heard.
We help people secure their future and protect the ones they love. As a company owned by our policyowners, we are defined by mutuality and our vision to put customers first. It's more than our company structure - it's our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources, and rely on each other when it counts. At MassMutual, we Live Mutual.
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
At MassMutual, we focus on ensuring fair, equitable pay by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component. For more information about our extensive benefits offerings please check out our Total Rewards at a Glance.