Information Security Analyst

Massmutual Financial Group Little Rock , AR 72215

Posted 2 months ago

Do you want to be part of a team that encourages your growth, supports your ambitions and makes it a priority for you to reach your goals? Is helping people part of who you are? At MassMutual, we help millions of people find financial freedom, offer financial protection and plan for the future. We do this by building trust with our customers by being knowledgeable problem solvers and prioritize their needs above all else. We Live Mutual.


We're growing and our clients deserve the best. As a Security Operations Center (SOC) analyst you'll have an opportunity to part of a growing team of Cybersecurity analysts who are passionate about protecting MassMutual's assets and customers by leveraging problem solving skills and innovative technology solutions. In this role, as well as all roles within MassMutual, you will demonstrate accountability, agility, a dedication to be inclusive, a strong business acumen, and will show courage, even in the most difficult situations. We also highly value strong communication skills, a passion for learning, leadership traits, resilience, and self-awareness.

What success looks like.

  • Supporting MassMutual's Security Operations Center by leveraging industry leading security tools and your knowledge of Cybersecurity threats to prepare, identify, contain, eradicate, and recover from security incidents.

  • Cultivate and maintain relationships with internal and external teams to support the SOC's mission

  • Continuously identifying opportunities for further improvement (lessons learned) and automation

What your days and weeks will include.

  • Perform monitoring for cybersecurity related technologies generating alerts for potential security events requiring investigation

  • Perform technical analysis for cybersecurity events requiring deeper investigation

  • Perform Malware analysis and extract Indicators of Compromise (IOCs) to feed our Threat Intelligence Platform

  • Learning about the MassMutual business and technology environment in order to detect anomalous behavior from standard expected activity

  • Identify, classify, and document adversary Tactics, Techniques and Procedures (TTPs)

  • Work collaboratively with our Security Intelligence team to enrich and enhance prevention, detection, and threat hunting capabilities

  • Partner with our Security Platforms team to develop playbooks required to successfully respond to specific threats

  • Optimize Alerting platforms through tuning of alerting logic

The skills that make you a great fit.

  • High School Diploma

  • High level knowledge of Cybersecurity attack and defense techniques

  • Understanding of living off the land techniques used by adversaries, using tools such as PowerShell, WMIC, Task Scheduler, Windows Registry etc.

  • Interest in continuous learning and a passion for Cybersecurity

  • Ability to apply problem solving skills to support analysis and detection efforts

  • Strong written and verbal communication skills

  • Strong analytical and problem-solving skills

  • Experience and confidence with communicating with and presenting to senior leadership

  • Ability to work (4) 10 hour days 1 pm - 12 am

Preferred Skills:

  • Bachelor's degree in a related field

  • Certifications: CISSP, CISM, CISA, GCIH, GIAC

  • Knowledge of and practical experience with the MITRE ATT&CK framework

  • Python, PowerShell or other scripting languages

  • Functional knowledge of how operating systems (Windows, Mac, Linux).

  • Experience working with a SIEM platform

  • Understanding of web application vulnerabilities including XSS, CSRF, SQL Injection, command injection and serialization attacks

  • Strong understand of web authentication flows such as SAML and OAUTH

  • Understanding of automated attacks such as credential stuffing and site scraping

target job salary $64,700.00 - $113,200.00



Why Join Us.

We've been around since 1851. During our history, we've learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable and ethical business with industry leading pay and benefits. And your voice will always be heard.

Recognized as a 2020 World's Most Ethical Company by Ethisphere, MassMutual is guided by a single purpose: We help people secure their future and protect the ones they love. As a company owned by our policyowners, we are defined by mutuality and our vision to put customers first. It's more than our company structure - it's our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources, and rely on each other when it counts. At MassMutual, we Live Mutual.

MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Systems Security Analyst

State Of Arkansas

Posted 4 months ago

VIEW JOBS 7/28/2021 12:00:00 AM 2021-10-26T00:00 Position Number: 22115037 County: Pulaski Posting End Date: 08/09/2021 Anticipated Starting Salary: 57,755.15 Office of Information Services - Technical Services Agency/Position Specific: The security analyst will work to assess security alerts generated for DFA hosts, identify validity of the threat, and work to re-mediate it both internally and in conjunction with third-party vendor SOC monitoring. * Research and identify solutions for security event logging and analysis and coordinate Proof of Concept (POC) efforts in relation to potential product selection and deployment. * Assist in identifying regulatory compliance security training needs and materials. * Coordinate of third-party systems penetration testing efforts. * Review regulatory compliance system vulnerability scanning requirements, establishes scanning rule sets in alignment with regulatory compliance for conductions of system vulnerability scans, and conducts vulnerability scans. * Coordinate third-party auditing and/or regulatory compliance onsite review efforts, and follow-up with mitigation and/or remediation efforts. Additional work hours may be required if necessary.() The mission of the Department of Finance and Administration is to provide Arkansas citizens convenient, effective, and courteous service which will encourage voluntary compliance with tax, license, and child support laws. Position Information Class Code: D067C Grade: IT06 FLSA Status: EXEMPT Salary Range: $57,755.00 - $83,745.00 Summary The Information Systems Security Analyst is responsible for regulating access to computer data files and preventing unauthorized modification, destruction, or disclosure of information. The position is governed by state and federal laws and agency/institution policy. Functions Implements intrusion detection and avoidance measures, such as logging, firewalling, activity monitors, virus scanners, or other intrusion detection methods. Reviews logging information for assigned systems and devices for abnormal or irregular use characteristic of unauthorized access or denial service. Assists users in the detection and recovery from security intrusions on their computer systems. Performs security audits on portions of the network as directed by the Associate Director of Computing Services. Contacts appropriate personnel in the event of a security intrusion or policy violation. Contacts users with audit information and assists with techniques to eliminate or minimize vulnerabilities. Performs other duties as assigned. Dimensions None Knowledge, Skills and Abilities Knowledge of communications' protocols and standards related to security. Knowledge of information protection methodologies and concepts. Knowledge of server administration as applied to network and internet security. Knowledge of information protection standards, guidelines, and applied procedures. Ability to identify potential security breaches and implement counter measures. Ability to interface with individuals at all levels of the organization and to establish effective working relationships. Ability to work with sensitive information and maintain confidential of such data and information. Minimum Qualifications The formal education of a bachelor's degree in computer science, information systems, or related field; plus two years of experience in computer operations, data applications, systems analysis, or data base management. Additional requirements determined by the agency for recruiting purposes require review and approval by the Office of Personnel Management. OTHER JOB RELATED EDUCATION AND/OR EXPERIENCE MAY BE SUBSTITUTED FOR ALL OR PART OF THESE BASIC REQUIREMENTS, EXCEPT FOR CERTIFICATION OR LICENSURE REQUIREMENTS, UPON APPROVAL OF THE QUALIFICATIONS REVIEW COMMITTEE. Licenses None The State of Arkansas is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, pregnancy, age, disability, citizenship, national origin, genetic information, military or veteran status, or any other status or characteristic protected by law. ONLY COMPLETED APPLICATIONS WITH WORK HISTORY WILL BE ACCEPTED. Applications must include complete work history and references. A resume may accompany the state application but will not be substituted for any part of the application. False, misleading, or incomplete statements may result in disciplinary action and possible termination. Veteran Preference: A copy of a DD-214 must be submitted to the Hiring Official at the time of interview to be considered for Veteran Preference. This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9. For more information on E-Verify, or if you believe that your employer has violated its E-Verify responsibilities, please contact DHS at (888) 897-7781 or Nearest Major Market: Little Rock State Of Arkansas Little Rock AR

Information Security Analyst

Massmutual Financial Group