Commonwealth of Massachusetts is hiring: Cybersecurity Engineer in Boston

Overview

Job Description - Cybersecurity Engineer (250006UJ)

Posting Number 2025-14

SALARY RANGE (Grade 14) CSAXXX: $79,353.09 -- $119,029.61 (Commensurate with experience)

This position will be based out of the Boston, Lawrence, Brockton, Marlboro, or Chicopee OSA offices. Please indicate your geographical preference in office location when applying per the application instructions below.

General statement of duties

We are seeking a dedicated Cyber Security Engineer to support the research, implementation, monitoring, and governance of the agency’s network security infrastructure. This role works closely with the Senior Network Security Engineer to safeguard agency data, ensure compliance with regulatory standards, and proactively mitigate cyber threats.

The OSA is looking for motivated individuals who seek public service as an opportunity to expand their knowledge and exposure to new technology while giving back to the community. If you love to get things done and can take on responsibility, we have the job for you.

Supervision received

Incumbent receives supervision from the Assistant Director of IT, Network Operations and works with the Network Security Engineer.

Responsibilities

• Assist in maintaining the agency’s cybersecurity strategy and data governance policies.
• Monitor and enforce data protection and retention rules using Microsoft Purview.
• Analyze security events and logs to identify risks and maintain compliance with industry regulations.
• Conduct security audits, vulnerability assessments, and penetration testing to strengthen the agency’s security posture.
• Respond to and investigate data breaches, ensuring swift remediation and transparent communication.
• Provide cybersecurity awareness training and technical support to agency staff.
• Stay informed on emerging threats and recommend proactive security measures.
• Maintain thorough documentation of security policies, procedures, and protocols.
• Acquire and maintain key certifications.

Equal Opportunity Statement

The Office of the State Auditor is committed to providing equal employment opportunities. Employment actions such as recruiting, hiring, training, and promoting individuals are based upon a policy of non-discrimination. Employment decisions and actions are made without regard to race, color, gender, religion, age, national origin, ancestry, sexual orientation, gender identity and expression, disability, military status, genetic information, political affiliation, or veteran’s status.

Required qualifications and experience

• Minimum of 3 years of experience in cybersecurity roles.
• Experience with data classification and securing sensitive information (PHI, PII, financial data).
• Familiarity with security tools and technologies such as firewalls, SIEMs, intrusion detection/prevention systems, and data loss prevention solutions.
• Practical experience with Microsoft M365 administration, MS Purview, Fortinet, Juniper, Cisco, and Tenable products.
• Microsoft Active Directory and Entra ID (Azure Active Directory).
• Excellent problem-solving skills with attention to detail.
• Strong communication and collaboration abilities to work effectively across teams.
• Ability to work independently and manage multiple activities simultaneously.
• Capable of both oral and written communications, including the ability to communicate complex technical information effectively to non-IT staff.

Desired qualifications

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
• Relevant certifications such as CISSP, CISM, or CISA (highly desirable).
• Strong understanding of cybersecurity frameworks, including NIST, ISO 27001, and CIS Controls.
• Knowledge of business continuity and disaster recovery planning.
• Software security and QA assessments.
• Knowledge of IP networking and topologies.
• Knowledge of and experience with AI chatbots for ideation or problem-solving.

The Office of the State Auditor is committed to providing equal employment opportunities.Employment actions such as recruiting, hiring, training, and promoting individuals are based upon a policy of non-discrimination. Employment decisions and actions are made without regard to race, color, gender, religion, age, national origin, ancestry, sexual orientation, gender identity and expression, disability, military status, genetic information, political affiliation, or veteran’s status.

Official Title

Engineer

Details

Note: Other details below were reorganized for clarity and consistency.

Primary Location

Information Systems and Technology

Agency

Office of the State Auditor

Schedule

Full-time

Shift

Day

Job Posting

Sep 23, 2025, 5:26:09 PM

Number of Openings

1

Salary: 79,353.09 - 119,029.61 Yearly

If you have Diversity, Affirmative Action or Equal Employment Opportunity questions or need a Reasonable Accommodation, please contact Diversity Officer / ADA Coordinator: Marie Tedesco - 6177276200

Potentially Eligible for a Hybrid Work Schedule: Yes