Massachusetts Information Technology Jobs

Job Information

State of Massachusetts Director of Commonwealth Security Operations in Chelsea, Massachusetts

*About the Executive Office of Technology Services and Security:*

The Executive Office of Technology Services and Security (EOTSS) is the state’s lead office for information technology. We provide enterprise-level information technology services including network management and security; computer operations; application hosting; desktop provisioning and management; and modern and responsive digital services to over 45,000 internal stakeholders plus the residents, business owners and visitors to the Commonwealth of Massachusetts.

*About the Role:*

EOTSS is seeking a Director of the Commonwealth Security Operations Center (CSOC). Reporting to the Commonwealth Chief Information Security Officer and/or the Deputy Commonwealth Chief Information Security Officer, the Director of the CSOC manages the security operations team on a 24x7x365 basis, including managing on-call staff and vendor partners. The Director will assist executive leadership in developing the CSOC strategy and mission through interviews, needs assessments and planning with consumer/contributor agencies and other relevant partners and stakeholders. In addition to overseeing the operations team, the Director will provide technical guidance and assistance to the Commonwealth’s business and IT communities and will manage the financial activities and future growth of the CSOC to meet operational objectives.

_Responsibilities:_

* Define key security metrics, tracking, and reporting for all Security Operations activities.
* Design the scope and range of the CSOC and define the overall strategy, functions and services provided by the CSOC.
* Establish Communication Plans, Standard Operating Procedures (SOP), Process Documentation and Run Books that standardize and automate alert and incident reporting and response.
* Ingest information from multiple sources and intelligently filter and disseminate actionable informational products to consumer/contributor agencies that specifically apply to them based on inventory of OS, hardware, software, web services and vendors.
* Monitor intelligence feeds and disseminate situational awareness and security advisories appropriately to affected consumer/contributor agencies, and others as needed.
* Develop applicable and actionable reporting of alerts, malicious traffic, attempted attacks, incidents, user traffic, bandwidth, and volume to EOTSS management and consumer/contributor agencies via reports and dashboards.
* Identify SOC staffing needs, skillsets, and development via an employee review system and retention programs. Cultivate employee recruitment from area universities through internships and employment feeder programs. Create scalable staffing models based on varying workloads and dynamic demand for service.
* Evaluate current technology and tools and identify gaps in the technology stack. Pinpoint solutions necessary to deliver defined services. Propose solutions that fill the void and develop a roadmap to implement the identified mitigating technologies.
* Operationalize and test all the above processes. Build in a continuing service improvement cycle and post-incident review procedure.
* Develop and lead tabletop exercises.

_Required Knowledge, Skills and Abilities:_

* Bachelor’s degree in information systems or a related discipline, or equivalent experience
* 7 years of cyber security experience
* 5 years of experience in incident response or penetration testing with proven experience handling cyber threats from external sources
* 3 years of leadership experience in a Security Operations Center (SOC) or similar incident command organization or reporting structure
* 2 years of security solution design and security architecture experience; working as a security architect with business stakeholders
* Experience securing applications within public and private cloud platforms
* Experience with network flow data/tools and analyzing high volumes of logs and related sources to support incident investigations
* Demonstrated understanding of Tactics, Techniques, Procedures (TTP) and life cycle of network threats, attacks, and methods of exploitation
* Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements
* Knowledge of Continuous Integration (CI) / Continuous Delivery/Deployment (CD) and automation tools
* Understanding of best practices, control frameworks, and applicable legal and regulatory requirements (SEC S-P Rule, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, etc.)
* Excellent presentation skills and ability to present to senior management

_Preferred Knowledge, Skills and Abilities:_

* Prior government experience is a plus
* Security certifications such as CISSP, CISM, CISA, CRISC or other related areas
* National Incident Management System Training

MINIMUM ENTRANCE REQUIREMENTS:

Applicants must have at least (A) six (6) years of full-time, or equivalent part-time, professional, administrative, supervisory, or managerial experience in business administration, business management, public administration, public management, clinical administration or clinical management of which (B) at least two (2) years must have been in a supervisory or managerial capacity or (C) any equivalent combination of the required experience and substitutions below.

Substitutions:

I. A certificate in a relevant or related field may be substituted for one (1) year of the required (A) experience.
II. A Bachelor’s degree in a related field may be substituted for two (2) years of the required (A) experience.
III. A Graduate degree in a related field may be substituted for three (3) years of the required (A) experience.
IV. A Doctorate degree in a related field may be substituted for four (4) years of the required (A) experience.

Executive Order #595: As a condition of employment, successful applicants will be required to have received COVID-19 vaccination or an approved exemption as of their start date. Details relating to demonstrating compliance with this requirement will be provided to applicants selected for employment. Applicants who receive an offer of employment who can provide documentation that the vaccine is medically contraindicated or who object to vaccination due to a sincerely held religious belief may make a request for exemption.

An Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply.

*Job:* Information Systems and Technology
*Organization:* Exec Office of Technology Services and Security
*Title:* Director of Commonwealth Security Operations
*Location:* Massachusetts-Chelsea-200 Arlington Street
*Requisition ID:* 210008AH