This is a 4-month contracted/temporary position.

About the Organization

The Commonwealth of Massachusetts Executive Office of Economic Development (EOED) supports economic growth by fostering business development, infrastructure investment, industry advancement, and consumer confidence. EOED operates through nine state agencies and five quasi-public agencies (QPAs) that deliver essential public programs and services.

EOED supports economic growth across Massachusetts through its network of agencies and partnerships, promoting business innovation, infrastructure investment, and consumer protection. The office embraces a culture of equity, inclusion, and collaboration—values that inform all aspects of its work.

The Executive Office of Economic Development is committed to creating and sustaining a work culture that is welcoming, inclusive, and mutually respectful to all its employees regardless of race, color, age, creed, religion, national origin, ethnicity, sex, gender identity or expression, sexual orientation, genetic information, veteran or disability status. We strive to reflect diversity in all facets and levels of our agency. The Executive Office of Economic Development values inclusiveness and diversity within their employee and management teams. Within our community we strive to create and maintain working and learning environments that are inclusive, equitable, and welcoming.

The Executive Office of Economic Development is committed to ensuring a diverse and inclusive workplace where all employees feel respected, valued, and empowered to maximize their skills and talents to serve our citizens.

About the Role

The Executive Office of Economic Development is seeking a junior-level Cybersecurity Security Analyst (Contractor) to support day-to-day Security Operations (SecOps), governance, risk, and compliance activities. This role will provide hands-on operational support to EOED’s cybersecurity program under the direction of the EOED Chief Information Security Officer (CISO), and in coordination with the Commonwealth’s Executive Office of Technology Services and Security (EOTSS).

The contractor will work in a fast-paced public-sector environment supporting EOED’s mission-critical systems, data, and users, with a strong emphasis on vulnerability management, identity and access controls, and compliance execution.

Duties and Responsibilities

Security Operations & Vulnerability Management: Support EOED’s vulnerability management program, including:

• Reviewing vulnerability scan results.
• Tracking remediation activities.
• Coordinating with IT and application owners on remediation status.
• Assist with vulnerability tooling workflows (e.g., Tenable, Veracode), reporting, and documentation, including updating the Application Inventory records with security metadata, and coordinating stakeholder input.
• Validate remediation actions and update tracking systems accordingly.

Governance, Risk & Compliance (GRC): Provide hands-on support for GRC and compliance activities, including:

• Evidence collection and documentation.
• Control mapping and compliance tracking.
• Support for audits, assessments, and internal reviews.
• Assist with maintaining compliance artifacts aligned with:
  • NIST Cybersecurity Framework (CSF)
  • NIST Risk Management Framework (RMF)
  • Commonwealth of Massachusetts / EOTSS Enterprise Information Security Policies
• Support tracking of risks, findings, and remediation plans in ServiceNow, Jira, and other EOED-approved systems.

Identity & Access Management (IAM):

• Assist with user access reviews, role validation, and privileged access reviews.
• Support identity lifecycle activities including onboarding, offboarding, and access changes.
• Help ensure access controls align with least privilege and Commonwealth security standards.

Documentation, Coordination & Communication:

• Execute tasks and assignments documented in Jira, ServiceNow, AIRS, email, and other tracking tools.
• Maintain clear, accurate, and timely documentation of work performed.
• Communicate effectively with technical and non-technical stakeholders.
• Escalate issues, risks, or blockers appropriately to the EOED CISO.

Additional Support:

• Assist with other SecOps activities as needed, including incident response support, security awareness initiatives, and ad hoc security projects.
• Develop familiarity with EOED systems, data, and business processes, including emerging areas such as AI risk and data security.

Required Qualifications

• Foundational understanding of information security principles and practices.
• Strong analytical skills with the ability to follow documented instructions and execute tasks accurately.
• Excellent written and verbal communication skills.
• Ability to manage multiple tasks and priorities in a structured, regulated environment.
• Proficiency with Microsoft Office (Word, Excel, PowerPoint, Outlook).
• Ability to work independently while collaborating effectively as part of a security team.
• Strong attention to detail and accountability.

Preferred Qualifications

• Exposure to or familiarity with:
  • Vulnerability management tools (e.g., Tenable, Veracode)
  • Governance, Risk, and Compliance (GRC) activities
  • Identity and Access Management (IAM) processes
• Awareness of or willingness to learn:
  • NIST CSF and NIST RMF
  • Commonwealth of Massachusetts / EOTSS security policies and standards
  • Data security and emerging AI risk management considerations
• Prior experience in a public sector, government, or regulated environment is a plus.

Performance Expectations & Deliverables

• Timely execution of assigned tasks as documented in tracking systems.
• Accurate and complete security documentation and evidence artifacts.
• Clear status updates and issue escalation to the EOED CISO.
• Professional interaction with EOED staff, EOTSS partners, and vendors.
• Continuous improvement in understanding EOED’s security environment and applicable policies.

All applicants should attach a cover letter and resume to their online submission for this position.

Comprehensive Benefits

When you embark on a career with the Commonwealth, you are offered an outstanding suite of employee benefits that add to the overall value of your compensation package. We take pride in providing a work experience that supports you, your loved ones, and your future.

Want the specifics? Explore our Employee Benefits and Rewards!

An Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply.

The Commonwealth is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, sex, gender identity or expression, sexual orientation, age, disability, national origin, veteran status, or any other basis covered by appropriate law. Research suggests that qualified women, Black, Indigenous, and Persons of Color (BIPOC) may self-select out of opportunities if they don't meet 100% of the job requirements. We encourage individuals who believe they have the skills necessary to thrive to apply for this role.