#R16536
and extract Indicators of Compromise (IOCs) to feed our Threat Intelligence Platform
Identify, classify, and document adversary Tactics, Techniques and Procedures (TTPs)
Work collaboratively with our Security Intelligence team to enrich and enhance prevention, detection, and threat hunting capabilities.
Partner with our Security Platforms team to develop playbooks for our SOAR platform
Optimize alerting platforms through rule development and tuning of existing alerting logic.
Act as team lead, mentor Junior Analysts, and be a go-to escalation point for other SOC analysts
Coordinate incident response efforts
Perform QA responsibilities ensuring thorough analysis and documentation
The Minimum Qualifications
Associate's degree in cyber security or related field
5+ years' experience working in a Security Operation Center
2+ years' experience writing in Python, PowerShell and Regex
Willing to work a Monday - Friday 8-hr shift, with potential on-call work should an escalation be received between 1pm - 11pm EST from an L1 or L2 Shift Analyst in the US
The Ideal Qualifications
Bachelor's degree in cyber security
Certifications: CISSP, CISM, CISA, GCIH, GCFR
Knowledge of and practical experience with the MITRE ATT&CK framework
Mastery of Python, PowerShell or other scripting languages
Experience working with a SIEM platform mining large datasets
Understanding of web application vulnerabilities including XSS, CSRF, SQL Injection, command injection and serialization attacks
Interest in continuous learning and a passion for Cybersecurity
Experience and confidence communicating with and presenting to senior leadership
Strong written and verbal communication skills
Strong analytical and problem-solving skills
Experience developing automations in SOAR platforms to further enhance the SOC's capabilities.
In-depth knowledge of operating system process relationships and file structures (Windows, Mac, Linux).
Functional experience developing new detections for alerting platforms.
Expert-level knowledge of Cybersecurity attack and defense techniques
Strong understanding of web authentication flows such as SAML and OAuth
Functional knowledge of cloud environments such as AWS and Azure.
Relevant Cyber Security GIAC Certification such as CISM, CEH, GCIH, GCDA or similar.
Understanding of living-off-the-land techniques used by adversaries, using tools such as PowerShell, WMIC, Task Scheduler, Windows Registry, etc.
What to Expect as Part of MassMutual and the Team
Regular meetings with the Director of the US Security Operations Centers
Focused one-on-one meetings with your manager
Access to mentorship opportunities
Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups
Access to learning content on Degreed and other informational platforms
Your ethics and integrity will be valued by a company with a strong and stable ethical business with industry-leading pay and benefits
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
MassMutual will accept applications on an ongoing basis until such time as a candidate has been offered employment.
Salary Range: $107,700.00-$141,300.00