Security IT Business Analyst
3B Staffing LLC, Quincy, MA, United States
Work location Quincy Masss Hybrid
Candidates have to live in the MASS OR RI areas
Position Description
EOHHS is seeking to hire a highly motivated and detail-oriented Security IT Business Analyst to join the EOHHS Chief Information Security Officer's Office (CISO) Office. The position requires excellent writing skills, with a focus on development of policy and process documentation. Strong analytical, communication and presentation skills are critical. Additionally, the successful candidate must possess the following attributes: attention to detail; superior time management and solid multitasking skills; ability to contribute and work productively as part of a team; capacity to remain flexible and the ability to work well under pressure. The primary work location for this role will be at 100 Hancock Street, Quincy, Massachusetts 02171. The work schedule for this position is Monday thru Friday, 8:00AM to 4:00PM EST. This position would be expected to follow a hybrid model of reporting to work that combines in-office workdays and work from home days as needed. The Security IT Business Analyst is expected to occasionally travel to EOHHS agency area offices or group homes within the Commonwealth of Massachusetts as needed.
Responsibilities:
• Develop and maintain relevant security documentation including policies, standards, procedures, workflows, and process guides. Analyze existing security processes to identify gaps and risks for improvements.
• Support security compliance and audit readiness by ensuring documentation is complete, accurate, and aligned with Commonwealth and federal standards.
• Facilitate collaboration between the CISO's Office, IT teams, agency stakeholders, and external partners to ensure alignment and effective communication.
• Prepare reports, presentations, and dashboards to track security initiatives and communicate progress to both stakeholders and leadership.
• Assist in the development of security training, documentation, and communications that will promote adoption of security policies and best practices. Contribute to the planning, tracking, and monitoring of security projects and initiatives to ensure timely delivery and alignment with strategic objectives.
• Manage and document risks, issues, and decisions related to security policy and process initiatives of the EOHHS CISO's Office Participate in security reviews, assessments, and capturing findings to ensureing documentation of remediation steps.
• Serve as a resource for gathering, analyzing, and documenting requirements of security initiatives, tools, and processes.
• Provide structured and clear documentation that can be used to support decision-making, audits responses, and operational changes.
• Perform other related duties as assigned to support the mission of the EOHHS CISO's Office.
Preferred Qualifications:
• 5-8 years of experience in information technology, with at least 3 years in a business analyst, technical writer, or related role.
• Strong understanding of information security concepts, frameworks, and best practices (e.g., NIST CSF, CIS Controls, ISO 27001).
• Experience developing, documenting, and maintaining IT/security policies, standards, and procedures. Experience with Microsoft 365 suite, JIRA, or other collaboration/project tracking tools.
• Experience facilitating requirements gathering sessions, interviews, and workshops with technical and business stakeholders.
• Strong analytical and problem-solving skills, including the ability to identify process gaps and recommend improvements.
• Ability to manage multiple assignments simultaneously and balancing competing priorities. Capable of working independently and as part of a cross-functional team.
Candidates have to live in the MASS OR RI areas
Position Description
EOHHS is seeking to hire a highly motivated and detail-oriented Security IT Business Analyst to join the EOHHS Chief Information Security Officer's Office (CISO) Office. The position requires excellent writing skills, with a focus on development of policy and process documentation. Strong analytical, communication and presentation skills are critical. Additionally, the successful candidate must possess the following attributes: attention to detail; superior time management and solid multitasking skills; ability to contribute and work productively as part of a team; capacity to remain flexible and the ability to work well under pressure. The primary work location for this role will be at 100 Hancock Street, Quincy, Massachusetts 02171. The work schedule for this position is Monday thru Friday, 8:00AM to 4:00PM EST. This position would be expected to follow a hybrid model of reporting to work that combines in-office workdays and work from home days as needed. The Security IT Business Analyst is expected to occasionally travel to EOHHS agency area offices or group homes within the Commonwealth of Massachusetts as needed.
Responsibilities:
• Develop and maintain relevant security documentation including policies, standards, procedures, workflows, and process guides. Analyze existing security processes to identify gaps and risks for improvements.
• Support security compliance and audit readiness by ensuring documentation is complete, accurate, and aligned with Commonwealth and federal standards.
• Facilitate collaboration between the CISO's Office, IT teams, agency stakeholders, and external partners to ensure alignment and effective communication.
• Prepare reports, presentations, and dashboards to track security initiatives and communicate progress to both stakeholders and leadership.
• Assist in the development of security training, documentation, and communications that will promote adoption of security policies and best practices. Contribute to the planning, tracking, and monitoring of security projects and initiatives to ensure timely delivery and alignment with strategic objectives.
• Manage and document risks, issues, and decisions related to security policy and process initiatives of the EOHHS CISO's Office Participate in security reviews, assessments, and capturing findings to ensureing documentation of remediation steps.
• Serve as a resource for gathering, analyzing, and documenting requirements of security initiatives, tools, and processes.
• Provide structured and clear documentation that can be used to support decision-making, audits responses, and operational changes.
• Perform other related duties as assigned to support the mission of the EOHHS CISO's Office.
Preferred Qualifications:
• 5-8 years of experience in information technology, with at least 3 years in a business analyst, technical writer, or related role.
• Strong understanding of information security concepts, frameworks, and best practices (e.g., NIST CSF, CIS Controls, ISO 27001).
• Experience developing, documenting, and maintaining IT/security policies, standards, and procedures. Experience with Microsoft 365 suite, JIRA, or other collaboration/project tracking tools.
• Experience facilitating requirements gathering sessions, interviews, and workshops with technical and business stakeholders.
• Strong analytical and problem-solving skills, including the ability to identify process gaps and recommend improvements.
• Ability to manage multiple assignments simultaneously and balancing competing priorities. Capable of working independently and as part of a cross-functional team.