Center For Health Information And Analysis

Associate Security Engineer

Data Operations and Technology - Boston, MA - Full Time

The mission of the Center for Health Information and Analysis (CHIA) is to monitor the Massachusetts health care system and to provide reliable information and meaningful analysis for those seeking to improve health care quality, affordability, access, and outcomes.

Reporting to the Chief Information Security Officer (CISO), the Associate Security Engineer will manage and maintain Information Security applications, collect, analyze, synthesize, and present cyber security metrics, research, and event information in support of trend and anomaly identification, event correlation, safeguard assessment, and improvement and delivery of core cyber security processes. S/he will be the primary role responsible for collecting and summarizing security metrics and presenting them in effective reporting formats according to specifications approved by the CISO.  Associated with the collection of security metrics is the support and maintenance of key Security systems and applications.  Ancillary tasks for this role will include participation in periodic internal IT audits and risk assessments, CSIRT (Cyber Security Incident Response Team) duties where applicable, production of procedural documentation, security product research, or evaluations, or any related duties assigned by the CISO.

The Center’s staff is currently transitioning to a hybrid operating model with employees working at least one (1) day per week at the 501 Boylston Street Boston office. Effective September 19, 2022, all employees will be expected to work in the Center’s office at 501 Boylston Street, Boston, on at least two (2) designated days each week. 

Specifically, the Associate Security Engineer will:

  • Security Infrastructure Metrics: Mine metrics from security infrastructure (applications, databases, network appliances, servers, et al), aggregate, and normalize to facilitate reporting on enterprise security
  • Security Reporting: Develop and generate cyber security related reports, alarms, and notifications; Identify reporting gaps and recommend remediation to Security Team
  • Core Cyber Security Process Support: Support the execution of risk assessments, vulnerability and threat assessments, incident response, and cyber security awareness
  • Threat Research: Perform threat research and leverage it to improve the effectiveness of our safeguards and defense-in-depth strategy. Stay current with cyber security trends, best practices, and developments on topics such as emerging threats, containment and eradication of malware, and incident response; act as a team resource for this information
  • IT Audit Support: Support the CISO in auditing systems, user accounts, databases, and applications for policy compliance, e.g. least privilege, appropriate security controls, timely security patching, unique user accounts, et al.  These activities may include regular administration duties on select security products used for infrastructure auditing and monitoring
  • Security Incident Root Cause Analysis: Perform rudimentary post-mortem analysis on malware infections and suggest improvements to anti-malware technology, tactics, or procedures where applicable
  • Security Training:  Participate in annual employee training sessions to improve Cyber Security awareness throughout the agency
  • Ongoing Maintenance: Perform regular maintenance operations on primary Security systems/applications to keep them patched and current.
  • Vet software:  Vet new software before it is introduced into CHIA’s production network
  • Azure Cloud Support: Support the configuration of security components, connectivity and networks in CHIA’s cloud computing environment.
  • Other duties as assigned

Preferred Qualifications:

  • Microsoft Enterprise technologies such as Active Directory
  • Microsoft Azure security, connectivity, and network components
  • In-depth knowledge of network security and firewall technologies
  • CISA, CISSP, GSEC, SSCP, or similar cyber security certification
  • Bachelor’s degree or above in computer science, information assurance, information security, cyber security, or closely related subject
  • Understanding of HIPAA compliance requirements

Preferred Character Traits:

  • Recognizes opportunities for addressing IT issues, risks and exposures
  • Maintains strong liaison and working relationships
  • Works efficiently and diligently to resolve security problems and help desk tickets
  • Develops and follows leads to a logical conclusion and possess strong case documentation
  • Accepts responsibility and personal accountability
  • Possesses strong interpersonal skills
  • Writes coherent and easy to follow documentation and procedures

Minimum Entrance Requirements:

  • Three (3) years of full time professional experience in information assurance, cyber security, systems analysis, IT audit, or related specialization, or commensurate higher education
  • High level of proficiency in reading and writing English
  • Demonstrable interest in a cyber security career
  • Bachelor’s degree from an accredited institution

Total Compensation:

As an employee of the Commonwealth of Massachusetts you are offered a great career opportunity influencing a wide-spectrum of services to the diverse populations we serve - but it's more than a paycheck. The State's total compensation package features an outstanding set of employee benefits which you should consider towards your overall compensation, including:

  • 75% state paid medical insurance premium
  • Reasonable Dental and Vision Plans
  • Flexible Spending Account and Dependent Care Assistance programs
  • Low cost basic and optional life insurance
  • Retirement Savings: State Employees' Pension and a Deferred Compensation 457(b) plan
  • 12 paid holidays per year and competitive Sick, Vacation and Personal Time
  • Tuition Benefit for employee and spouse at state colleges and universities
  • Extended Illness program participation
  • Professional Development and Continuing Education opportunities
  • Qualified Employer for Public Service Student Loan Forgiveness Program

This position designated as a confidential non-union and non-managerial position with the Data Operations and Technology team. Salary Range: $63,722-$97,742

At CHIA, we are committed to earning a reputation as a great place to work and build a career. So if you’re excited to be part of a diverse and innovative team responsible for identifying opportunities to improve health care in Massachusetts, come join us! To apply and for more information visit: https://www.chiamass.gov/join-our-team/

CHIA is an Equal Opportunity / Affirmative Action Employer. Women, people of color, veterans, and persons with disabilities are strongly encouraged to apply.

If you have Diversity, Affirmative Action or Equal Employment Opportunity questions or need a Reasonable Accommodation, please contact Diversity Officer / ADA Coordinator: Tonya Bourassa 617-701-8127.

Information submitted by applicants is collected through the JazzHR Platform, your submission of application materials constitutes your express consent for this information to be provided to JazzHR for processing. Please do not include any personally identifiable information with your application materials other than that specifically requested by CHIA. CHIA requests basic information such as name, address, telephone number, and email address. You may also self identify race/ethnicity, gender, disability and/or veteran status if you so choose. However, you should not provide more detailed personal information such as your date of birth or Social Security Number with your application materials.

In compliance with federal laws, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

CHIA has adopted Executive Order #595: COVID-19 Vaccination Requirement for Executive Department Employees

As a condition of employment, successful candidates will be required to have received COVID-19 vaccination and/or boosters prior to the finalization of the hiring process. Details relating to complying with this requirement will be provided to finalists.

Finalists who can provide documentation that the vaccine is medically contraindicated or who object to vaccination due to a sincerely held religious belief may make a request for a reasonable accommodation.

Executive order can be found here: https://www.mass.gov/doc/august-19-2021-executive-department-employee-vaccination-order

Apply: Associate Security Engineer
* Required fields
First name*
Last name*
Email address*
Location *
Phone number*
Resume*

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or paste resume

Paste your resume here or attach resume file

Cover Letter*
What’s your citizenship / employment eligibility?*
Reference 1:
Name, Occupation, Telephone Number, Email Address, Years Acquainted*
Reference 2:
Name, Occupation, Telephone Number, Email Address,Years Acquainted*
Reference 3:
Name, Occupation, Telephone Number, Email Address,Years Acquainted*
May we add you to our email list to share future positions with CHIA or other agencies?
The following questions are entirely optional.
To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Gender
Race/Ethnicity

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status
I IDENTIFY AS ONE OR MORE OF THE CLASSIFICATIONS OF PROTECTED VETERAN LISTED ABOVE
I AM NOT A PROTECTED VETERAN
I DON’T WISH TO ANSWER

Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 5/31/2023
Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition. Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson's disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression
Please check one of the boxes below:
YES, I HAVE A DISABILITY, OR HAVE A HISTORY/RECORD OF HAVING A DISABILITY
NO, I DON'T HAVE A DISABILITY, OR A HISTORY/RECORD OF HAVING A DISABILITY
I DON'T WISH TO ANSWER

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Your Name Today's Date
Human Check*