Security Engineer

Company: Center For Health Information And Analysis
Location: Boston
Posted on: January 27, 2023

Job Description:

Job DescriptionThe mission of the Center for Health Information and Analysis (CHIA) is to monitor the Massachusetts health care system and to provide reliable information and meaningful analysis for those seeking to improve health care quality, affordability, access, and outcomes.Reporting to the Chief Information Security Officer (CISO), the Security Engineer will manage Information Security applications, work with and present Cybersecurity metrics and reports, and be a major resource in CHIAs continuous transformation towards its secure cloud environment. This position will continuously improve upon CHIAs Cybersecurity program and security processes, evolving over time into a security architect role. Ancillary tasks for this role will include participation in periodic internal IT audits and risk assessments, CSIRT (Cyber Security Incident Response Team) duties where applicable, production of procedural documentation, security product research, vendor management, and any related duties assigned by the CISO.CHIA has a hybrid work environment. This position is eligible to work remotely up to threedesignated days per week. In-person work will occur at the Centers Boylston Street office in Boston. Specifically, the Security Engineer will do the following:

• Cloud Security: Work with CHIAs various IT departments to secure network, application, and database infrastructure and tools in the cloud. Continuously look for ways to harden and protect CHIAs assets
• Secure Hybrid Connectivity: Work with IT Operations and the Network Team to maintain a secure and stable connection between CHIAs on-site environment and that of the cloud
• Security Infrastructure Metrics: Mine metrics from security infrastructure (applications, databases, network appliances, servers, et al), aggregate, and normalize to facilitate reporting on enterprise security
• Security Reporting: Develop and generate cyber security related reports, alarms, and notifications; Identify reporting gaps and take appropriate steps to remediate
• Monitoring: Administer privileged/trusted monitoring of agency computers and IT systems at the direction of the CISO or CIO
• Core Cyber Security Process Support: Support the execution of risk assessments, vulnerability and threat assessments, incident response, and cyber security awareness
• Threat Research: Perform threat research and leverage it to improve the effectiveness of our safeguards and defense-in-depth strategy. Develop expertise on existing set of security systems and applications. Stay current with cyber security trends, best practices, and developments on topics such as emerging threats, containment and eradication of malware, and incident response, and act as a team resource for this information
• IT Audit Support: Support the CISO in auditing systems, user accounts, databases, and applications for policy compliance, e.g. least privilege, appropriate security controls, timely security patching, unique user accounts, et al.
• Security Incident Root Cause Analysis: Analyze malware infections and recommend improvements to anti-malware technology, tactics, or procedures where applicable
• Security Training: Participate in annual employee training sessions to improve Cyber Security awareness throughout the agency
• Ongoing Maintenance: Perform regular maintenance operations on primary Security systems/applications to keep them patched and current
• Web/URL Filtering: Provide active management of CHIAs web filtering systems
• Vet software: Vet new software before it is introduced into CHIAs production network
• Other duties as assignedPreferred Qualifications:
  • Microsoft Enterprise technologies such as Active Directory and Microsoft 365
  • Microsoft Azure security, connectivity, and network components
  • In-depth knowledge of network security and firewall technologies, including but not limited to, Cisco and Palo Alto
  • CISA, CISSP, GSEC, SSCP, or similar cyber security certification
  • Bachelors degree or above in computer science, information assurance, information security, cyber security, or closely related subject
  • Understanding of HIPAA compliance requirementsPreferred Character Traits:
    • Recognizes opportunities for addressing IT issues, risks, and exposures
    • Maintains strong liaison and working relationships
    • Works efficiently and diligently to resolve security problems and help desk tickets
    • Develops and follows leads to a logical conclusion and possess strong case documentation
    • Accepts responsibility and personal accountability
    • Possesses strong interpersonal skills
    • Writes clear and concise documentation and proceduresMinimum Entrance Requirements:
      • Five (5) years of full-time professional experience in information assurance, Cybersecurity, systems analysis, IT audit, or related specialization, or commensurate higher education
      • High level of proficiency in reading and writing English
      • Bachelors degree from an accredited institutionTotal Compensation:As an employee of the Commonwealth of Massachusetts you are offered a great career opportunity influencing a wide-spectrum of services to the diverse populations we serve - but it's more than a paycheck. The State's total compensation package features an outstanding set of employee benefits which you should consider towards your overall compensation, including:
        • 75% state paid medical insurance premium
        • Reasonable Dental and Vision Plans
        • Flexible Spending Account and Dependent Care Assistance programs
        • Low cost basic and optional life insurance
        • Retirement Savings: State Employees' Pension and a Deferred Compensation 457(b) plan
        • 12paid holidays per year and competitive Sick, Vacation and Personal Time
        • Tuition Benefit for employee and spouse at state colleges and universities
        • Extended Illness program participation
        • Professional Development and Continuing Education opportunities
        • Qualified Employer for Public Service Student Loan Forgiveness ProgramThis position designated as a confidential non-union and non-managerial position with the Data Operations and Technology Unit. Salary Range: $65,000 -$100,000At CHIA, we are committed to earning a reputation as a great place to work and build a career. So if youre excited to be part of a diverse and innovative team responsible for identifying opportunities to improve health care in Massachusetts, come join us! To apply and for more information visit: https://www.chiamass.gov/join-our-team/CHIA is an Equal Opportunity / Affirmative Action Employer. Women, people of color, veterans, and persons with disabilities are strongly encouraged to apply.If you have Diversity, Affirmative Action or Equal Employment Opportunity questions or need a Reasonable Accommodation, please contact Diversity Officer / ADA Coordinator: Tonya Bourassa 617-701-8127.Information submitted by applicants is collected through the JazzHR Platform, your submission of application materials constitutes your express consent for this information to be provided to JazzHR for processing. Please do not include any personally identifiable information with your application materials other than that specifically requested by CHIA. CHIA requests basic information such as name, address, telephone number, and email address. You may also self identify race/ethnicity, gender, disability and/or veteran status if you so choose. However, you should not provide more detailed personal information such as your date of birth or Social Security Number with your application materials.In compliance with federal laws, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.CHIA has adopted Executive Order #595: COVID-19 Vaccination Requirement for Executive Department EmployeesAs a condition of employment, successful candidates will be required to have received COVID-19 vaccination and/or boosters prior to the finalization of the hiring process. Details relating to complying with this requirement will be provided to finalists.Finalists who can provide documentation that the vaccine is medically contraindicated or who object to vaccination due to a sincerely held religious belief may make a request for a reasonable accommodation.Executive order can be found here: https://www.mass.gov/doc/august-19-2021-executive-department-employee-vaccination-orderPowered by JazzHRywM2b5o2Ioby Jobble

Keywords: Center For Health Information And Analysis, Boston , Security Engineer, Engineering , Boston, Massachusetts