Hybrid Details: Greater Boston Area, MA - Onsite/Remote
Duration: 11 months to start

Job Description:
The client is seeking a skilled and motivated Cyber Security Operations Analyst to join their dynamic Information Security team. In this role, you’ll help safeguard the confidentiality, integrity, and availability of the client's digital infrastructure.  As a member of our five-person Security Operations team, you’ll report to the Information Security Lead and play a critical role in threat detection, incident response, and the continuous improvement of our security posture. This is a hands-on technical position ideal for a self-starter passionate about cybersecurity and threat hunting.

Key Responsibilities
Security Operations & Monitoring

• Respond to alerts from the Security Operations Center (SOC), Endpoint Detection and Response (EDR) systems, and identity platforms.
• Triage and resolve ServiceNow security tickets.
• Analyze daily system reports and threat intelligence feeds for actionable insights.

• Configure and refine alerts to enhance proactive and reactive capabilities.
• Maintain and optimize dashboards, queries, and data hygiene.
• Ensure log source enrollment and compliance with the Common Information Model (CIM).

• Conduct threat hunting using IOCs, IOAs, and emerging TTPs.
• Leverage SOAR workflows for automated response and remediation.
• Analyze web proxy and firewall traffic to detect and investigate anomalies.
• Participate in incident response and post-incident reviews.
• Continuously assess infrastructure and applications for vulnerabilities and risks.

• Develop dashboards and reports to track security metrics and tool performance.
• Enhance visibility across network and endpoint environments.
• Recommend and implement security improvements, including system hardening and content filtering.
• Audit and validate the deployment and effectiveness of security controls.
• Ensure adherence to the client's security policies and standards.

• Support vulnerability assessments and communicate findings to relevant stakeholders.
• Monitor and analyze the security posture of infrastructure and applications.
• Respond to alerts related to malware, breaches, zero-day threats, and trending vulnerabilities.

• Stay current on cybersecurity trends, threats, and regulatory developments.
• Recommend security solutions aligned with business needs and compliance requirements.
• Apply risk management frameworks effectively.
• Provide professional support to internal and external stakeholders.
• Offer deskside support for investigations and user education.
• Participate in emergency response efforts and provide on-call support as needed.
• Contribute to the ongoing enhancement of the client's security program.

• 2+ years of experience in IT operations
• 2+ years of experience in cybersecurity operations
• Strong analytical, organizational, and communication skills
• Team-oriented with excellent time management
• Authorized to work indefinitely in the U.S.

• Bachelor’s degree in Cybersecurity, Information Security, or related field
• Industry certifications (e.g., CISSP, Security+)
• Experience in a large-scale Cyber Security Operations environment

• Make a difference. They don’t just go to work. They're a team of employees and contractors committed to securing the client's information systems to ensure reliable, safe, secure transportation systems and constituent services for the Commonwealth of Massachusetts.
• The client has a diverse workforce and a flexible work environment. Currently, the Information Security Team is working in a flexible hybrid remote/in-office arrangement that is subject to change by leadership.

• The client is headquartered in Boston and is convenient to public transportation.
• The client is an equal opportunity employer.