Application Security Manager

JOB TITLE:

Application Security Manager

JOB LOCATION:

Quincy, MA WAGE RANGE*: $60-$64 JOB NUMBER: ITS
77-EHS-FY27-NET ENG – 001-168

CLOSE 6-17-26

JOB DESCRIPTION:

Executive Office of Health and Human services is looking for a Security manager who will be responsible for ensuring the security of the company's infrastructure, networks, data and applications. Application Security manager will ensure that applications and services of an organization are secured and implemented with best security practices following the organization's governance model. JOB DUTIES (Detailed Statement of Duties and Responsibilities):
Implement Data Security Management and Operation models. Establish various security compliance standards including (but not limited to) NIST(National Institute of Standards and Technology), FIPS(Federal Information Processing Standards), FedRAMP(Federal Risk and Authorization Management Program) Engage with agency Privacy and Security office teams to exchange Compliance reports and obtain approvals as necessary. Involve with auditors as necessary to provide compliance reports as requested and implement mitigation steps as required.

Implement process and tools for application vulnerability testing(SAST/DAST). Establish and manage a vulnerability management including coordination of penetration testing and ongoing vulnerability remediation, tracking, and security compliance reporting. Setup requirements for penetration testing and engage with vendors and agencies to perform/report pen tests. Setup infrastructure audits and reports with the help of system admins and vendors as necessary. Maintaining the system integrity and security by following the industry standard IT Controls Implement automation of systems administration and software migration for QA and Production Develop relationships with QA and application teams to establish quality and application compliance based on Organization standards.

Provide architecture and configuration recommendations to ensure hosted/deployed environments are security and best practices compliant. Provide technical assistance/recommendations to agency users and other agency personnel throughout the Commonwealth. Evaluate security and audit tools and support them as necessary. Identify and successfully troubleshoot problems in all environments and work across teams to ensure problems get resolved in a timely manner Available for off-hour incidents and provide 24x7 on-call production support on a rotation basis Provide training to teams on security and compliance as necessary Work towards continuous process improvements.

Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities
* While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job-related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits;

dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions. Benefits offered are in accordance with applicable federal, state, and local laws and subject to change at TCM's discretion.