Apply on Employer Site

Amica Insurance · 2 weeks ago

Exposure Management Analyst - Hybrid

Rhode Island, United States

Full-time

Hybrid

Entry Level

1+ years exp

Amica Insurance is America’s oldest mutual insurer of automobiles, focused on creating a workplace that works for all. They are seeking an Exposure Management Analyst to support the organization's cybersecurity posture by identifying, analyzing, and helping to remediate cyber exposures across the enterprise.

AutomotiveInsurance

No H1B

Responsibilities

Perform vulnerability scans and asset discovery across on-prem, cloud, and hybrid environments

Collect and correlate data from security tools (e.g., ASM, vulnerability scanners, CMDB)

Identify misconfigurations, outdated software, and identity-related risks

Assist in evaluating exposures based on exploitability, severity, and business impact

Apply risk scoring models (e.g., CVSS, EPSS) to support prioritization

Collaborate with senior analysts to refine prioritization logic and thresholds

Support validation efforts such as penetration testing and attack simulations

Document findings and assist in verifying the effectiveness of security controls

Coordinate with SOC and IR teams to ensure exposures are detectable and actionable

Track remediation status and escalate unresolved exposures

Work with IT and operations teams to implement fixes and mitigations

Maintain dashboards and reports to communicate exposure trends and metrics

May be called upon to handle other duties as required

Qualification

Vulnerability managementThreat analysisCybersecurity conceptsSecurity tools experienceRisk scoring modelsAnalytical skillsMITRE ATT&CK exposureNIST CSF exposureCIS Controls exposureSecurity+ certificationCommunication skillsCollaborative environment

Required

Bachelor's degree in Cybersecurity, Information Systems, or related field or, an equivalent combination of education and experience sufficient to successfully perform the essential functions of the job

1+ years of experience in vulnerability management, threat analysis, or IT security

Familiarity with CTEM concepts and exposure management workflows

Experience with tools such as Threat Intelligence Platforms, CrowdStrike, Tenable, Rapid7, and Cloud Security Platforms

Experience in working within a collaborative environment of technical and business subject matter experts

Strong analytical and communication skills

Security+ or equivalent entry-level certification

Exposure to MITRE ATT&CK, NIST CSF, or CIS Controls

Benefits

Medical, dental, vision coverage, short- and long-term disability, and life insurance

Paid Vacation – you will receive at least 13 vacation days in the first 12 months, amounts could be greater depending on the role. While able to use prior to accrual, vacation time will accrue monthly.

Holidays - 14 paid holidays observed

Sick time - 6 days sick time at hire, 6 additional days sick time at 90 days of employment

Generous 401k with company match and immediate vesting. Additionally, annual 3% non-elective employer contribution

Annual Success Sharing Plan - Paid to eligible employees if company meets or exceeds combined ratio, growth and/or service goals

Generous leave programs, including paid parental bonding leave

Student Loan Repayment and Tuition Reimbursement program

Generous fitness and wellness reimbursement

Employee community involvement

Strong relationships, lifelong friendships

Opportunities for advancement in a successful and growing company