×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Vulnerability Management and Configuration Assurance Analyst

Job in Springfield, Hampden County, Massachusetts, 01119, USA
Listing for: MassMutual
Full Time position
Listed on 2026-02-07
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Job Description & How to Apply Below

The Opportunity

The Opportunity We are seeking an experienced Vulnerability Management and Configuration Assurance Engineer to join our Vulnerability Management and Configuration Assurance team. The ideal candidate will have a deep understanding of security principles, vulnerability management and secure baseline configuration monitoring and designing, implementing, and optimizing vulnerability assessment solutions for Mass Mutual. As an advanced-level engineer, you will collaborate with cross-functional teams to ensure the security posture of our organization meets industry standards and regulatory requirements.

The

Team

The Vulnerability Management and Configuration Assurance (VMCA) team is responsible for identifying, assessing, prioritizing, reporting, and continuous monitoring of vulnerabilities and configuration baseline deficiencies within our organization’s infrastructure, applications, and systems. Our team plays a critical role in maintaining the security posture of the company by proactively managing vulnerabilities that could be exploited by attackers. VMCA is motivated by a shared sense of responsibility to protect the organization’s assets and reputation by knowing our work directly mitigates security threats and prevents potential breaches, strong collaboration with other security and IT teams, continuous learning, innovation, and problem-solving.

The culture of VMCA consists of proactive and preventative mindsets, collaboration, cross-disciplinary communication, accountability, ownership, agility, adaptability, inclusivity, knowledge sharing, and transparency.

The Impact

Your key responsibilities will consist of the following to ensure digital assets are resilient against emerging threats, reducing potential financial and reputational damage from security incidents.

Vulnerability Management

  • Lead the design, implementation, and continuous improvement of the enterprise vulnerability management program.

  • Hands on experience using automated scanning tools (e.g., Qualys, Tenable, Rapid7, Wiz) to identify, assess, report, and track vulnerabilities detected on operating systems, databases, network devices, mobile devices, and cloud services.

  • Perform advanced vulnerability assessments across on-premises, cloud, containerized, and hybrid environments.

  • Analyze vulnerability scan results, prioritize findings based on risk, exploitability, and business impact.

  • Integrate threat intelligence and MITRE ATT&CK mapping to contextualize vulnerabilities and enhance prioritization.

  • Collaborate with infrastructure and business information security officers (BISO) teams to drive timely remediation and mitigation.

  • Identify and recommend compensating controls when immediate remediation is not feasible.

  • Develop and maintain metrics and dashboards to report on vulnerability trends, remediation progress, and risk posture.

Configuration Assurance

  • Utilize automated compliance tools to assess and validate configuration compliance for operating systems, databases, network devices, and cloud services.

  • Partner with IT and engineering teams to remediate configuration drift and ensure continuous compliance.

  • Map configuration assurance controls to regulatory frameworks (e.g., NIST, CIS, ISO 27001, PCI-DSS, HIPAA).

  • Maintain documentation of configuration standards and exceptions.

Data Analytics & Visualization

  • Leverage data analytics to identify trends, anomalies, and risk concentrations across vulnerability and configuration data.

  • Build and maintain dashboards and visualizations using tools such as Tableau, etc.

  • Present actionable insights to technical and executive stakeholders to support risk-based decision-making.

Tooling & Automation

  • Develop scripts and automation workflows to streamline scanning, reporting, and remediation tracking.

  • Integrate vulnerability and configuration data into SIEM, GRC, and ticketing systems.

Governance & Reporting

  • Provide executive-level reporting and risk analysis to support strategic decision-making.

  • Participate in internal and external audits, ensuring evidence of vulnerability and configuration assurance controls.

  • Stay current with emerging threats, vulnerabilities, and security technologies.

The

Minimum…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search