Principal Cyber Risk Analyst
skillventory - A Leading Talent Research Firm
AWSCloudCyber Security
Information Security Consultant – Threat Intelligence Analyst
MassMutual
full-time
Posted on:
Location Type: Hybrid
Location: Boston • Massachusetts • 🇺🇸 United States
Visit company websiteSalary
💰 $86,200 - $113,100 per year
Job Level
JuniorMid-Level
Tech Stack
Cyber SecurityFlash
About the role
- Execute day‑to‑day threat intake, triage, and analysis to protect the enterprise and field organizations.
- Convert raw signals into validated findings, concise reports, and timely escalations.
- Monitor and triage inbound alerts related to domain impersonation, credential exposure, bot‑log listings, payment/credit exposure, vulnerability chatter, and external threat activity.
- Validate and categorize events using corroborating evidence and defined criteria; document decision points and rationale.
- Escalate and coordinate with the appropriate owners following established workflows.
- Maintain case records with reproducible notes, supporting artifacts, and status updates through closure.
- Perform structured analysis to transform data into intelligence: outline assumptions, weigh confidence, and articulate likely impact and recommended actions.
- Produce flash advisories for time‑sensitive threats, emerging threat briefs for significant trends, and field vulnerability summaries.
- Assist detection engineering teams by researching adversary TTPs, validating indicators, and providing context for detection logic development.
- Fulfill RFIs from internal teams; gather, analyze, and deliver answers aligned to intelligence requirements and timelines.
- Support investigations by researching indicators, mapping findings to threat models, and providing targeted recommendations.
- Participate in information‑sharing activities to stay informed on emerging threats and contribute relevant insights when appropriate.
- Maintain program documentation and track key performance indicators, ensuring accuracy and currency.
- Engage in team collaboration and knowledge‑sharing, contributing to process documentation, supporting onboarding, and participating in regular team discussions.
- Identify opportunities for process improvement to enhance efficiency and consistency in alert handling, escalation, and reporting workflow.
Requirements
- Associates degree
- 2+ years of experience in cyber security
- Familiarity with alert triage and escalation workflows, including identifying false positives and prioritizing based on risk.
- Understanding of common attack vectors and techniques (e.g., phishing, credential abuse, malware delivery) and how they relate to detection and response processes.
- Ability to analyze security events, perform basic log review, and correlate indicators to identify potential threats.
- Strong documentation and case management discipline, ensuring accurate and complete records for investigations.
- Effective communication skills for summarizing findings and providing clear updates to technical and non-technical stakeholders.
- Ability to work in a fast-paced environment, manage multiple tasks, and collaborate with SOC, IR, and engineering teams.
- Exposure to SIEM alert handling, security monitoring, or basic detection tuning.
- Experience assisting with incident investigations, including researching indicators and providing context for detection engineering or response teams.
- Familiarity with threat modeling concepts (e.g., MITRE ATT&CK, kill chain) and how they apply to detection and response.
- Basic knowledge of network and endpoint fundamentals (e.g., logs, authentication flows, common protocols).
- Participation in tabletop exercises, after-action reviews, or cross-team security projects.
- Cybersecurity certifications such as: - CompTIA Security+ - CompTIA CySA+
Benefits
- Regular collaboration with relevant stakeholders.
- Focused one-on-one time with your manager.
- Access to mentorship opportunities.
- Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups.
- Access to learning content on Degreed and other informational platforms.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
alert triageescalation workflowssecurity event analysislog reviewthreat correlationincident investigationdetection engineeringthreat modelingnetwork fundamentalsendpoint fundamentals
Soft skills
documentation disciplineeffective communicationcollaborationprocess improvementtime managementanalytical thinkingproblem-solvingteamworkadaptabilityknowledge sharing
Certifications
CompTIA Security+CompTIA CySA+