Center For Health Information And Analysis Associate Security Engineer in Boston, Massachusetts
The mission of the Center for Health Information and Analysis (CHIA) is to monitor the Massachusetts health care system and to provide reliable information and meaningful analysis for those seeking to improve health care quality, affordability, access, and outcomes.
Reporting to the Chief Information Security Officer (CISO), the Associate Security Engineer will manage and maintain Information Security applications, collect, analyze, synthesize, and present cyber security metrics, research, and event information in support of trend and anomaly identification, event correlation, safeguard assessment, and improvement and delivery of core cyber security processes. S/he will be the primary role responsible for collecting and summarizing security metrics and presenting them in effective reporting formats according to specifications approved by the CISO. Associated with the collection of security metrics is the support and maintenance of key Security systems and applications. Ancillary tasks for this role will include participation in periodic internal IT audits and risk assessments, CSIRT (Cyber Security Incident Response Team) duties where applicable, production of procedural documentation, security product research, or evaluations, or any related duties assigned by the CISO.
The successful candidate will work remotely in the near term, but be prepared to work at the Center’s office at 501 Boylston Street, Boston, when the Center’s staff transitions back onsite at a to-be-determined time.
Specifically, the Associate Security Engineer will:
Security Infrastructure Metrics: Mine metrics from security infrastructure (applications, databases, network appliances, servers, et al), aggregate, and normalize to facilitate reporting on enterprise security
Security Reporting: Develop and generate cyber security related reports, alarms, and notifications; Identify reporting gaps and recommend remediation to Security Team
Core Cyber Security Process Support: Support the execution of risk assessments, vulnerability and threat assessments, incident response, and cyber security awareness
Threat Research: Perform threat research and leverage it to improve the effectiveness of our safeguards and defense-in-depth strategy. Stay current with cyber security trends, best practices, and developments on topics such as emerging threats, containment and eradication of malware, and incident response; act as a team resource for this information
IT Audit Support: Support the CISO in auditing systems, user accounts, databases, and applications for policy compliance, e.g. least privilege, appropriate security controls, timely security patching, unique user accounts, et al. These activities may include regular administration duties on select security products used for infrastructure auditing and monitoring
Security Incident Root Cause Analysis: Perform rudimentary post-mortem analysis on malware infections and suggest improvements to anti-malware technology, tactics, or procedures where applicable
Security Training: Participate in annual employee training sessions to improve Cyber Security awareness throughout the agency
Ongoing Maintenance: Perform regular maintenance operations on primary Security systems/applications to keep them patched and current.
Vet software: Vet new software before it is introduced into CHIA’s production network
Azure Cloud Support: Support the configuration of security components, connectivity and networks in CHIA’s cloud computing environment.
Microsoft Enterprise technologies such as Active Directory
Microsoft Azure security, connectivity, and network components
In-depth knowledge of network security and firewall technologies
CISA, CISSP, GSEC, SSCP, or similar cyber security certification
Bachelor’s degree or above in computer science, information assurance, information security, cyber security, or closely related subject
Understanding of HIPAA compliance requirements
Preferred Character Traits:
Recognizes opportunities for addressing IT issues, risks and exposures
Maintains strong liaison and working relationships
Works efficiently and diligently to resolve security problems and help desk
Develops and follows leads to a logical conclusion and possess strong case documentation
Accepts responsibility and personal accountability
Possesses strong interpersonal skills
Writes coherent and easy to follow documentation and procedures
Minimum Entrance Requirements:
Three (3) years of full time professional experience in information assurance, cyber security, systems analysis, IT audit, or related specialization, or commensurate higher education
High level of proficiency in reading and writing English
Demonstrable interest in a cyber security career
Bachelor’s degree from an accredited institution
As an employee of the Commonwealth of Massachusetts you are offered a great career opportunity influencing a wide-spectrum of services to the diverse populations we serve - but it's more than a paycheck. The State's total compensation package features an outstanding set of employee benefits which you should consider towards your overall compensation, including:
75% state paid medical insurance premium
Reasonable Dental and Vision Plans
Flexible Spending Account and Dependent Care Assistance programs
Low cost basic and optional life insurance
Retirement Savings: State Employees' Pension and a Deferred Compensation 457(b) plan
11 paid holidays per year and competitive Sick, Vacation and Personal Time
Tuition Benefit for employee and spouse at state colleges and universities
Extended Illness program participation
Professional Development and Continuing Education opportunities
Qualified Employer for Public Service Student Loan Forgiveness Program
This position designated as a confidential non-union and non-managerial position with the Data Operations and Technology team. Salary Range: $63,722-$97,742
At CHIA, we are committed to earning a reputation as a great place to work and build a career. So if you’re excited to be part of a diverse and innovative team responsible for identifying opportunities to improve health care in Massachusetts, come join us! To apply and for more information visit: https://www.chiamass.gov/join-our-team/
CHIA is an Equal Opportunity / Affirmative Action Employer. Women, people of color, veterans, and persons with disabilities are strongly encouraged to apply.
If you have Diversity, Affirmative Action or Equal Employment Opportunity questions or need a Reasonable Accommodation, please contact Diversity Officer / ADA Coordinator: Tonya Bourassa 617-701-8127.
Information submitted by applicants is collected through the JazzHR Platform, your submission of application materials constitutes your express consent for this information to be provided to JazzHR for processing. Please do not include any personally identifiable information with your application materials other than that specifically requested by CHIA. CHIA requests basic information such as name, address, telephone number, and email address. You may also self identify race/ethnicity, gender, disability and/or veteran status if you so choose. However, you should not provide more detailed personal information such as your date of birth or Social Security Number with your application materials.
In compliance with federal laws, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
CHIA has adopted Executive Order #595: COVID-19 Vaccination Requirement for Executive Department Employees
As a condition of employment, successful candidates will be required to have received COVID-19 vaccination and/or boosters prior to the finalization of the hiring process. Details relating to complying with this requirement will be provided to finalists.
Finalists who can provide documentation that the vaccine is medically contraindicated or who object to vaccination due to a sincerely held religious belief may make a request for a reasonable accommodation.
Executive order can be found here: https://www.mass.gov/doc/august-19-2021-executive-department-employee-vaccination-order
Powered by JazzHR