Find your next cybersecurity opportunity


Info Security Analyst II

Mass General Brigham

Mass General Brigham

Somerville, MA, USA
Posted on Tuesday, July 2, 2024
Info Security Analyst II - (3295921)


About Us

As a not-for-profit organization, Mass General Brigham is committed to supporting patient care, research, teaching, and service to the community by leading innovation across our system. Founded by Brigham and Women’s Hospital and Massachusetts General Hospital, Mass General Brigham supports a complete continuum of care including community and specialty hospitals, a managed care organization, a physician network, community health centers, home care and other health-related entities. Several of our hospitals are teaching affiliates of Harvard Medical School, and our system is a national leader in biomedical research. We’re focused on a people-first culture for our system’s patients and our professional family. That’s why we provide our employees with more ways to achieve their potential. Mass General Brigham is committed to aligning our employees’ personal aspirations with projects that match their capabilities and creating a culture that empowers our managers to become trusted mentors. We support each member of our team to own their personal development—and we recognize success at every step. Our employees use the Mass General Brigham values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.

The Information Security Analyst II will provide extensive support to the evolution and improvement of the existing Digitial Information Security Policy Portfolio. This role will focus on helping Mass General Brigham Digital grow and enhance their approach to providing security requirements and guidance to users throughout the organization. This role is critical to building strong security governance practices and tools. The Information Security Analyst II independently operates existing processes to operate security controls within their domain. They will identify improvements in these processes, and may be tasked with executing those improvements.

The Information Security Analyst II works across multiple teams within Mass General Brigham Digital, and participates in broader projects to drive improvements in the Mass General Brigham information security posture. They leverage critical thinking and problem-solving skills in their day to day work, and may mentor more junior team members.

Principal Duties and Responsibilities:

· Develop an understanding of Mass General Brigham applications, information security concepts and best practices, and service management offerings.

· Oversee day to day development and maintenance of the Digital Information Security Policies and Standards portfolio.

o Create, review, and update documentation related to the information security controls

o Facilitate outreach, education and communication requirements in support of policy portfolio efforts.

· Support Digital Information Security (DIS) consolidated communications approach by helping DIS business units develop cross team outputs that tell a story

· Support the Enterprise Governance, Risk and Compliance (GRC) tool

· Provide support for intake and triage of Digital Information Security service tickets in ServiceNow

· Support coordinated audit activities as assigned

· Support continuous information security process improvement efforts associated with the effective and efficient application of information security tools

· Collect and visualize metrics by collecting, analyzing, and summarizing information obtained from multiple data sources into executive reporting dashboards

· Assist Information System (IS) incident handling with data gathering, analysis, outreach and education when needed

· Maintain awareness of new technologies and related opportunities for impact on system or application security.

· Independently operates existing processes and proactively identifies and optimizes improvement in existing processes. May individually drive improvements in these processes.

· May mentor junior team members, sharing knowledge and best practices.

· Works across multiple teams to drive security improvements for Mass General Brigham.

· Participate in project-level efforts to improve cybersecurity capabilities.

· Works independently to stay abreast of changes in domain, suggesting relevant improvements to Mass General Brigham cybersecurity posture.

· Use the Mass General Brigham values to govern decisions, actions, and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.

· Other duties and responsibilities as assigned.



• Bachelor’s or Associate’s Degree or requisite experience

• 2+ years of relevant experience

• Relevant Certifications preferred


· Strong understanding of cybersecurity concepts.

· Strong writing skills required to articulate technical concepts into business terms.

· Strong problem-solving skills and analytical thinking to identify solutions to complex problems, and to optimize existing solutions.

· An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s network within an organization.

· Excellent organization and prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.

· Excellent communication and teamwork skills to share knowledge, present ideas, and lead discussions.

· High proficiency with the tools and solutions supported by the team.

· Solid understanding of technology and design principles.

Supervisory Responsibilities:

· No direct reports; may provide guidance to less seasoned and new staff

Working Conditions:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.

· This position requires occasional local travel to Mass General Brigham sites, vendors, and/or conferences

· Hospital work environment working conditions include possible exposure to diseases or infections and may require safety gear (PPE) such as gloves and mask.

· Normal office working conditions. The noise level in the work environment is quiet to moderate.

· While performing the duties of this job, the employee is frequently required to sit; talk; or hear; use hands to finger; handle; or feel; reach with hands and arms. The employee is occasionally required to stand; walk; and stoop; kneel; or crouch. The employee must frequently lift and/or move up to 5 pounds and occasionally lift and/or move up to 20 pounds.

EEO Statement

Mass General Brigham is an Equal Opportunity Employer. By embracing diverse skills, perspectives and ideas, we choose to lead. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.

Primary Location

: MA-Somerville-MGB Assembly Row

Work Locations

MGB Assembly Row
399 Revolution Drive
Somerville 02145


: Information Security


: Mass General Brigham


: Full-time
Standard Hours: 40


: Day Job
Posted Shift Description: M-F 8am-5pm

Employee Status

: Regular
Recruiting Department: MGB Digital

Job Posting

: Jul 1, 2024