MassMutual Senior Security Intelligence Analyst in Helena, Montana
Why we need you.
We’re growing, and our clients deserve the best. As a Security Intelligence Analyst you will have the opportunity to work in a thriving and robust environment across multiple specialty areas by analyzing cybersecurity information, investigating cybersecurity incidents and events, and protecting & defending against threats to MassMutual's digital assets. You will do this by creating and maintaining priority intelligence requirements for producing actionable intelligence and performing threat hunting and ethical hacking exercises. In this role, as well as all roles within MassMutual, you will demonstrate accountability, agility, a dedication to be inclusive, a strong business acumen, and will show courage, even in the most difficult situations. We also highly value strong communication skills, a passion for learning, leadership traits, resilience and self-awareness.
Does this role sound like what you are looking for? Do you believe you would be a great fit?
Below are the lists of tasks candidates will be able to perform, knowledge you should have, and skills & abilities that you can bring into our Security Intelligence Analyst role!
Analyze Threat Trends in order to recognize and research various threat actor groups, attack patterns, tactics, techniques and procedures (TTPs), indicators of compromise (IOCs) and attack vectors for an end-to-end understanding of threat landscape.
Develop your own test scenarios by performing threat hunts and offensive security tests
Identify control gaps that allow threats to enter our network.
Provide recommendations for how to improve the controls based on test scenario findings.
Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets.
Provide current intelligence support to critical internal/external stakeholders as appropriate.
Identify and submit intelligence requirements for the purposes of designating priority information requirements.
Validate the link between collection requests and critical information requirements and priority intelligence requirements of leadership.
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
Provide intelligence analysis and support to designated exercises, planning activities, and time sensitive operations (including table top exercises).
Provide information and assessments for the purposes of informing leadership and customers; developing and refining objectives; supporting operation planning and execution; and assessing the effects of operations.
Provide subject-matter expertise and support to planning/developmental forums and working groups as appropriate.
Assess the effectiveness of collections in satisfying priority information gaps, using available capabilities and methods, and adjust collection strategies and collection requirements accordingly.
Engage stakeholders to understand their intelligence needs and wants to formulate intelligence requirements.
Understanding of cloud technologies
Current and emerging threats/threat vectors and vulnerabilities
Priority information, how it is derived, where it is published, how to access, etc.
Priority information requirements from subordinate, lateral and higher levels of the organization
How to leverage research and development centers, think tanks, academic research, and industry systems.
System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Insider Threat investigations, reporting, investigative tools and laws/regulations.
Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
Attack methods and techniques (DDoS, brute force, spoofing, etc.).
Cyber attack stages (e.g. reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
Network traffic analysis methods
Evaluating information for reliability, validity, and relevance.
Use collaborative tools and environments for collection operations.
Associate intelligence gaps to priority information requirements and observables.
Identify when priority information requirements are satisfied.
Identifying cyber threats which may pose risk to organization and/or partner interests.
Provide intel as a service simultaneously to multiple customers
Evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence gaps
Identify intelligence gaps.
Think like threat actors.
Utilize multiple intelligence sources across all intelligence disciplines.
Share meaningful insights about the context of an organization's threat environment to improve its risk management posture.
Function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
Coordinate, collaborate and disseminate information to subordinate, lateral and higher-level organizations.
Teach and mentor others in security threat intelligence.
Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
GCTI or GCFA or CCTHP certified.
A sitting member of an ISAC TIC.
Target job salary: $102,800.00 - $178,800.00 USD Annual
MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us (firstname.lastname@example.org) and share the specifics of the assistance you need.