Cybersecurity Security Analyst - SecOps Support (Contracted/Temporary)

About The Position

Requirements

• Foundational understanding of information security principles and practices.
• Strong analytical skills with the ability to follow documented instructions and execute tasks accurately.
• Excellent written and verbal communication skills.
• Ability to manage multiple tasks and priorities in a structured, regulated environment.
• Proficiency with Microsoft Office (Word, Excel, PowerPoint, Outlook).
• Ability to work independently while collaborating effectively as part of a security team.
• Strong attention to detail and accountability.

Nice To Haves

• Exposure to or familiarity with:
• Vulnerability management tools (e.g., Tenable, Veracode)
• Governance, Risk, and Compliance (GRC) activities
• Identity and Access Management (IAM) processes
• Awareness of or willingness to learn:
• NIST CSF and NIST RMF
• Commonwealth of Massachusetts / EOTSS security policies and standards
• Data security and emerging AI risk management considerations
• Prior experience in a public sector, government, or regulated environment is a plus.

Responsibilities

• Security Operations & Vulnerability Management: Support EOED’s vulnerability management program, including:
• Reviewing vulnerability scan results.
• Tracking remediation activities.
• Coordinating with IT and application owners on remediation status.
• Assist with vulnerability tooling workflows (e.g., Tenable, Veracode), reporting, and documentation, including updating the Application Inventory records with security metadata, and coordinating stakeholder input.
• Validate remediation actions and update tracking systems accordingly.
• Governance, Risk & Compliance (GRC): Provide hands-on support for GRC and compliance activities, including:
• Evidence collection and documentation.
• Control mapping and compliance tracking.
• Support for audits, assessments, and internal reviews.
• Assist with maintaining compliance artifacts aligned with:
• NIST Cybersecurity Framework (CSF)
• NIST Risk Management Framework (RMF)
• Commonwealth of Massachusetts / EOTSS Enterprise Information Security Policies
• Support tracking of risks, findings, and remediation plans in ServiceNow, Jira, and other EOED-approved systems.
• Identity & Access Management (IAM):
• Assist with user access reviews, role validation, and privileged access reviews.
• Support identity lifecycle activities including onboarding, offboarding, and access changes.
• Help ensure access controls align with least privilege and Commonwealth security standards.
• Documentation, Coordination & Communication:
• Execute tasks and assignments documented in Jira, ServiceNow, AIRS, email, and other tracking tools.
• Maintain clear, accurate, and timely documentation of work performed.
• Communicate effectively with technical and non-technical stakeholders.
• Escalate issues, risks, or blockers appropriately to the EOED CISO.
• Additional Support:
• Assist with other SecOps activities as needed, including incident response support, security awareness initiatives, and ad hoc security projects.
• Develop familiarity with EOED systems, data, and business processes, including emerging areas such as AI risk and data security.

Benefits

• When you embark on a career with the Commonwealth, you are offered an outstanding suite of employee benefits that add to the overall value of your compensation package. We take pride in providing a work experience that supports you, your loved ones, and your future.
• Want the specifics? Explore our Employee Benefits and Rewards!