What are the responsibilities and job description for the Cybersecurity Analyst position at The Savings Bank Mutual Life Insurance Company of Massachusetts?
Description:
The Cybersecurity Analyst is a mid-level security professional responsible for the administration, optimization, and operational effectiveness of SBLI’s cybersecurity technologies, with primary ownership of CrowdStrike, Rapid7, and KnowBe4 platforms. This role requires hands-on configuration, investigation, tuning, reporting, and continuous improvement of security controls.
The Analyst plays a key role in threat detection, vulnerability management, incident response, user awareness training, and security control validation, while also supporting broader cybersecurity governance initiatives including maintaining documentation and vendor risk management.
Responsbilities:
Vulnerability & Patch Management: Own and manage the organization’s vulnerability and patch management programs, including oversight of scanning activities, risk-based prioritization of findings, and coordination of remediation efforts with IT stakeholders. Drive measurable reduction of exposure through continuous monitoring, patching, reporting, and validation of remediation activities.
Endpoint Detection & Response (EDR) Management: Lead administration and optimization of the organization’s Endpoint Detection and Response (EDR) platform. Monitor and investigate endpoint alerts, conduct proactive threat hunting, tune detection policies, and execute containment and remediation actions. Ensure comprehensive endpoint coverage, maintain sensor health, and continuously enhance detection capabilities to reduce risk and improve response effectiveness.
User Awareness Training: Lead the design, execution, and continuous improvement of the organization’s security awareness program. Develop targeted training content aligned to current threat trends, oversee phishing simulation campaigns, analyze user behavior and incident metrics, and implement data-driven enhancements to measurably reduce human risk across the organization.
Access & Identity Management: Assist in the management of user access rights and privileges across the organization's systems and applications. This involves user provisioning, deprovisioning, access reviews, and enforcing access control policies to ensure appropriate levels of access.
Incident Response: Lead incident response activities by proactively monitoring and analyzing security events across endpoint and vulnerability management platforms, identifying and validating potential security incidents, and executing containment, eradication, and recovery actions. Conduct root cause analysis, coordinate remediation efforts with IT stakeholders, and continuously refine detection and response capabilities to strengthen overall security posture.
Security Audits and Assessments: Assist in conducting security audits and assessments to identify vulnerabilities and weaknesses in the organization's infrastructure, systems, and applications. Collaborate with the team to develop remediation plans and assist in implementing security controls.
Vendor Management: Conduct comprehensive risk assessments of third-party vendors to ensure compliance with our security standards and policies. The role requires proactive engagement with vendors to evaluate their security practices, data handling protocols, and breach response plans. This includes continuously monitoring and reviewing vendor performance to mitigate any potential risks to the organization's information security.
Security Documentation and Reporting: Lead the development, enhancement, and ongoing maintenance of security documentation, including policies, standards, procedures, and technical playbooks. Develop and deliver meaningful security metrics, dashboards, and key performance indicators (KPIs) to measure control effectiveness, vulnerability exposure, incident trends, and overall risk posture, while supporting audit and regulatory reporting requirements.
Stay Abreast of Cybersecurity Trends: Continuously enhance your knowledge and skills in the field of cybersecurity by staying up to date with the latest industry trends, best practices, and emerging threats. Actively participate in training programs, conferences, and certifications to broaden your expertise.
Qualifications:
- Bachelor’s degree in computer science, information security, or related field. (Preferred but not required).
- Strong understanding of cybersecurity principles, concepts, and technologies.
- Knowledge of access control and identity management practices.
- Hands-on experience with the CrowdStrike and Rapid7 platforms.
- Proficient in Microsoft 365 administration and security features, with strong working knowledge of Active Directory and Microsoft Entra ID (Azure Active Directory)
- Experience leading or independently managing security investigations.
- Solid understanding of security auditing, assessment methodologies and vulnerability management.
- Strong analytical, documentation, and communication skills.
- Strong attention to detail and ability to work independently as well as part of a team.
- Relevant certifications such as Security , CISSP, or CISM (Preferred but not required).
- 3 years of cybersecurity experience.
- Ability to work in hybrid office environment - 3 days in office including mandatory Wednesdays.
Skills:
Familiarity or experience with the following technology solutions:
Rapid7 | CrowdStrike | KnowBe4 |
Automox | Pentera | Varonis |
Mimecast | Netskope | IMPERVA |
Checkpoint | AuditBoard |
|
Salary : $80,000 - $85,000