Information Security Program Manager Job Description

Boston, MA
Contracted
The Center for Health Information and Analysis
Experienced

At the Center for Health Information and Analysis (CHIA), we serve as stewards of Massachusetts health data, employing multifaceted datasets and cutting-edge analytics to ensure transparency in our healthcare system. By joining CHIA as the Information Security Program Manager, you'll become immersed in the efforts of protecting one of the largest and most disparate collection of healthcare data in the Commonwealth and play a pivotal role in the success of CHIA’s Information Security team in its continued quest to improve CHIA’s overall security posture.

 In this exciting role, you will use your expertise in program management, budgeting and planning to drive the Information Security team to attain greater compliance with security frameworks such as NIST and FedRAMP.  You will use your excellent communication skills to partner and collaborate with the leaders of CHIA’s information security, IT Operations, application development, and data operations to realize CHIA’s information security strategic goals. 

This new role is a full-time, contract position reporting to the Center’s CISO. The hourly rate will be $90-$95/ hour commensurate with experience. The contractor will primarily work off-site, but occasional meetings in the Center’s Boston office at 501 Boylston Street. The engagement will run for approximately 12-months and there may be opportunity for longer-term work. 

Specifically, as the Information Security Program Manager, you will have the opportunity to:  

  • Create a multi-year information security roadmap: Create a roadmap to remediate findings from CHIA’s most recent security audit report.  Assist the Information Security team with the development of security strategies, including guiding principles and future state vision, ensuring that the strategic objectives are aligned with agency goals.  Maintain a weekly task list to streamline and prioritize work for Information Security Resources.
  • Maintain a budget of potential information security investments:  Keep current with Azure offerings in security as they relate to the technical and business problems CHIA faces and work with the organization to continue to evolve our capabilities and infrastructure by leveraging and procuring new and emerging offerings. 
  • Lead the effort to create a business continuity plan for CHIA:  Lead cross-team effort to create a comprehensive business continuity plan (BCP) for CHIA.  Include periodical tabletop exercises and testing activities to maintain the robustness of the BCP.
  • Be the point of contact for Legal/Privacy on joint projects with Information Security: Lead project teams in creating, planning, and delivering far-reaching, clear and concise documentation and policies to CHIA as required by various information security and privacy frameworks.  Report on monthly Security/Privacy meetings with roadmap and status updates.

Here are the important qualifications we are looking for: 

  • Working knowledge of cloud architectures: Demonstrate your proven familiarity with an Azure cloud environment.
  • Understanding of industry regulatory and compliance requirements (i.e., FedRAMP, NIST, HIPAA)
  • Effective Communicator: Demonstrate excellent written and verbal communication skills, with an ability to articulate complex technical issues clearly and persuasively. Engage stakeholders and foster collaboration through compelling communication. 
  • Educational Foundation: Possess a bachelor’s degree in computer science, information systems or engineering providing the necessary foundational skills for success in this role. 
  • Specialized Expertise: Bring at least 10 years of professional experience, with at least 5 years of demonstrated success in Program Management.

An Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply.

The Commonwealth is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, sex, gender identity or expression, sexual orientation, age, disability, national origin, veteran status, or any other basis covered by appropriate law. Research suggests that qualified women, Black, Indigenous, and Persons of Color (BIPOC) may self-select out of opportunities if they don't meet 100% of the job requirements. We encourage individuals who believe they have the skills necessary to thrive to apply for this role.

Information submitted by applicants is collected through the JazzHR Platform, your submission of application materials constitutes your express consent for this information to be provided to JazzHR for processing. Please do not include any personally identifiable information with your application materials other than that specifically requested by CHIA. CHIA requests basic information such as name, address, telephone number, and email address. You may also self-identify with your race/ethnicity, gender, disability and/or veteran status. However, you should not provide more detailed personal information such as your date of birth or Social Security Number with your application materials.

Share

Apply for this position

Required*
Apply with Indeed
We've received your resume. Click here to update it.
Attach resume or Paste resume
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status


Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026
Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please check one of the boxes below:

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Human Check*