Job Information

State of Massachusetts Deputy Chief Information Security Officer in Quincy, Massachusetts

_About the Organization:_

The Massachusetts Executive Office of Health and Human Services (EOHHS) is the largest secretariat in MA state government, comprised of 16 agencies with over 20,000 employees statewide. EOHHS services directly touch the lives of slightly more than 1 in 4 residents in the Commonwealth — some of our most vulnerable children, youth, adults, and elders. EOHHS provides access to medical and behavioral health care, substance misuse treatment, long term services and support, and nutritional and financial benefits to those with low incomes. We connect elders, individuals with disabilities, and veterans with employment opportunities, housing, and supportive services. We steer troubled youth towards a more successful path and do everything possible to keep children in our child welfare system safe. We support individuals who are developmentally disabled, mentally ill, blind, deaf or hard of hearing.

_About the Role:_

EOHHS is seeking an innovative and dynamic Deputy Chief Information Security Officer. The EOHHS Security Office encompasses a wide variety of operations to secure and protect all the data EOHHS uses, processes, and maintains in furtherance of the work it and its Agencies perform. Under the direction of the EOHHS CISO and Security Office, the Deputy will oversee the day-to-day operations in one of three major verticals:

  • maintaining the general acceptable control environment throughout EOHHS

  • managing the continuous monitoring program

  • managing the forensics and technology group

Concomitant with that management, the Deputy will be responsible for managing several Security Office staff. This includes oversight and coordination of team schedules and attendance, management of workload priorities, and other personnel-related matters.


  • Develop, maintain, and implement a comprehensive information resource security control framework, data flow, network, and continuous monitoring program across the Secretariat

  • Ensure all security controls meet industry standard information security requirements that adhere to federal standards, agency, and regulatory practices

  • Assist with oversight of a forensic unit that supports a portfolio of tools designed to detect/monitor unusual or unacceptable use and perform investigations/root cause analysis to prevent future actions

  • Respond to alleged violations of rules, regulations, policies, and procedures; develop and oversee a system for uniform handling of such violations

  • Develop, initiate, and revise policies and procedures for the general operation of the compliance program

  • Improve process efficiency and business outcomes for all verticals including compliance, incident response, and forensics

  • Identify potential areas of compliance vulnerability and risk; direct the development and implementation of corrective action plans for resolution of identified issues

  • Ensure adherence to legal standards with respect to information security compliance including directives for appropriate application and system patching

  • Implement and track industry standards and best practices for security compliance, and reliable, efficient, and effective project development processes

  • Support strong workforce development and succession planning through recruitment and retention programs, staff development, employee satisfaction and engagement

  • Participate in departmental meetings with Agency/Secretariat leadership and staff to ensure propagation of strong security practices

_Preferred Knowledge, Skills & Abilities:_

  • Master’s Degree in Computer Science, Information Security, or a related field

  • 6-8 years of experience in Information Security, IT Administration, Data Governance or a related field

  • Leadership or supervisory experience in large matrixed organizations with the capacity to manage within a complex IT environment

  • Ability to supervise staff including performance appraisal, employee coaching, training, development, and performance management

  • Broad knowledge of IT with emphasis on web-based applications, integration technologies and distributed computing platforms

  • Knowledge of state and federal security rules and regulations that apply to Information Security

  • Demonstrated knowledge of various security frameworks including NIST, HIPAA, HITrust, FedRAMP, and ISO

  • Exceptional written and verbal communication skills, with a proven ability to translate to all levels of the business in technical and non-technical terms

  • Ability to develop and maintain effective working relationships with a variety of stakeholders and communicate complex technical information to non-technical individuals

  • Proven experience managing processes related to forensic collection and incident response

_Total Compensation:_

As an employee of the Commonwealth of Massachusetts you are offered a great career opportunity influencing a wide spectrum of services to the diverse populations we serve - but it's more than a paycheck. The State's total compensation package features an outstanding set of employee benefits which you should consider towards your overall compensation, including:

  • 75% state paid medical insurance premium

  • Reasonable Dental and Vision Plans

  • Flexible Spending Account and Dependent Care Assistance programs

  • Low cost basic and optional life insurance

  • Retirement Savings: State Employees' Pension and a Deferred Compensation 457(b) plan

  • 11 paid holidays per year and competitive Sick, Vacation and Personal Time

  • Tuition Benefit for employee and spouse at state colleges and universities

  • Short-Term Disability and Extended Illness program participation options

  • Incentive-based Wellness Programs

  • Professional Development and Continuing Education opportunities

  • Qualified Employer for Public Service Student Loan Forgiveness Program

_Pre-Hire Process:_

A criminal background check will be completed on the recommended candidate as required by the regulations set forth by the Executive Office of Health and Human Services prior to the candidate being hired. For more information, please visit

Education, licensure, and certifications will be verified in accordance with the Human Resources Division’s Hiring Guidelines. Education and license/certification information provided by the selected candidate(s) is subject to the Massachusetts Public Records Law and may be published on the Commonwealth’s website.


Applicants must have at least (A) six (6) years of full-time, or equivalent part-time, professional, administrative, supervisory, or managerial experience in business administration, business management, public administration, public management, clinical administration or clinical management of which (B) at least two (2) years must have been in a supervisory or managerial capacity or (C) any equivalent combination of the required experience and substitutions below.


I. A certificate in a relevant or related field may be substituted for one (1) year of the required (A) experience.

II. A Bachelor’s degree in a related field may be substituted for two (2) years of the required (A) experience.

III. A Graduate degree in a related field may be substituted for three (3) years of the required (A) experience.

IV. A Doctorate degree in a related field may be substituted for four (4) years of the required (A) experience.

An Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply.

Job: Information Systems and Technology

Organization: Exec Office Of Health and Human Services

Title: Deputy Chief Information Security Officer

Location: Massachusetts-Quincy - 100 Hancock Street

Requisition ID: 210000GE