Threat Intelligence & Offensive Security Analyst

The Opportunity

We’re growing, and our clients deserve the best. As a Threat Intelligence & Offensive Security Analyst you will have the opportunity to work in a thriving and robust environment across multiple specialty areas by analyzing cybersecurity information, investigating cybersecurity incidents and events, and protecting & defending against threats to MassMutual's digital assets. You will do this by producing actionable intelligence, automation, threat hunting, offensive security and detection engineering. In this role, as well as all roles within MassMutual, you will demonstrate accountability, agility, a dedication to being inclusive, a strong business acumen, and will show courage, even in the most difficult situations. We also highly value strong communication skills, a passion for learning, leadership traits, resilience and self-awareness.

The Team

The Security Intelligence Team at MassMutual consist of multiple functions which are strategically aligned to manage the cyber threats that the company faces. The threat intelligence function analyzes the threat landscape and provides actionable intelligence to the organization. Our offensive security function simulates tactics techniques and procedures used by threat actors and proactively tests MassMutual’s controls. Our penetration testing, bug bounty and responsible disclosure function assesses our applications to make sure they are secure in both pre and post production environments.

The Impact

Below are the lists of tasks candidates will be able to perform, knowledge you should have, and skills & abilities that you can bring into our Threat Intelligence & Offensive Security role! 

Responsibilities

• Analyze Threat Trends in order to recognize and research various threat actor groups, attack patterns, tactics, techniques and procedures (TTPs), indicators of compromise (IOCs) and attack vectors for an end-to-end understanding of threat landscape. 
• Develop your own test scenarios by performing threat hunts and offensive security tests 
• Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets. 
• Validate the link between collection requests and critical information requirements and priority intelligence requirements of leadership. 
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack. 
• Provide information and assessments for the purposes of informing leadership and customers; developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations. 
• Assess the effectiveness of collections in satisfying priority information gaps, using available capabilities and methods, and adjust collection strategies and collection requirements accordingly. 
• Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications). 
• Identify vulnerabilities and exposure within enterprise networks, systems, and applications.
• Develop specific cybersecurity countermeasures and risk mitigation strategies for systems and/or applications. 
• Exploit network devices, security devices, and/or terminals or environments using various methods or tools. 

Minimum Qualifications:

• Bachelors degree
• 8+ years in cyber security
• 2+ years in evaluate, analyze, and synthesize information large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence gaps 

Preferred Qualifications:

• Cybersecurity certification like GCTI, GCFA, CCTHP, GCDA, GCPN, OSCP, and/or GXPN 
• Cyber security experience including but not limited to the following:
  • Current and emerging threats/threat vectors and vulnerabilities 
  • Data compromise/destruction, covert communications, encryption attacks, etc…
  • Detection Engineering framework 
  • Risk/threat assessment. 
  • System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). 
  • Attack methods and techniques (DDoS, brute force, spoofing, etc.). 
  • Cyber attack stages (e.g. reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). 
  • Network traffic analysis methods 
  • Understanding of cloud technologies 
  • Identify/describe target vulnerability, techniques/methods for conducting technical exploitation of the target, and systemic security issues based on the analysis of vulnerability and configuration data. 
• Ability to evaluate information for reliability, validity, and relevance. 
• Ability to use collaborative tools and environments for collection operations.
• Ability to automate processes using python and other programming/scripting languages.  
• Associate intelligence gaps to priority information requirements and observables. 
• Able to identify when priority information requirements are satisfied and Identify cyber threats which may pose risk to organization and/or partner interests. 
• Can provide intel as a service simultaneously to multiple customers 
• Able to write (and submit) requirements to meet gaps in technical capabilities 
• Can use penetration testing tools and techniques 
• Able to share meaningful insights about the context of an organization's threat environment to improve its risk management posture. 
• Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise. 
• Can develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. 
• Able to coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations. 
• Prior experience teaching and mentoring others in security threat intelligence. 
• Effectively communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. 

#LI-RK1

MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.

If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.