• Information Security Analyst - Judiciary Information Services Department

    Location US-MA-Boston
    Office of Court Management
    Posting Date

    Compensation commensurate with experience. Please upload a current resume during the application process. 


    This requisition will remain open until filled; however, first consideration will be given to those applicants that apply within the first 14 days.


    This position is designated as management position and is covered by the Trial Court Personnel Policies and Procedures Manual. 


    The Trial Court is committed to:

    • fair and impartial administration of justice;
    • protection of constitutional and statutory rights and liberties;
    • equal access to justice for all in a safe and dignified environment with policies and practices that strengthen and support diversity, equity, and inclusion;
    • efficient, effective, and accountable resolution of disputes;
    • prompt and courteous service to the public by committed and dedicated professionals utilizing best practices in a manner that inspires public trust and confidence.


    The Judicial Information Services (JIS) Department is charged with the implementation, maintenance, update and training of technology systems in support of the Judiciary including the Supreme Judicial Court (SJC), the Appeals Court, the Trial Courts, and the Probation Department. This includes network and servers connecting all Court locations, computer hardware and peripherals, the myriad of software necessary to maintain the Courts' programs, and voice and video telecommunications services ranging from phone systems to video conferencing equipment. JIS is also charged with the procurement, deployment, training and maintenance of various Court Case Management Systems (CMS) including Forecourt, and MassCourts (Trial Courts web-based CMS).






    The Judicial Information Services Department (JISD) of the Office of Court Management is looking for a motivated individual to join the team within information security. Reporting to the CISO of the Trial Court, the Information Security Analyst for Vulnerability Management (ISA) is responsible for assisting in the development and implementation of the policies, procedures, programs and framework of the Enterprise Information Security Program. The Information Security Analyst will interact and liaise with the asset management teams across JISD to asses and remediate risk to the environment. The ISA will also develop & maintains a repository of reference documents for information security architectures and strategies, technical standards, and requirements, applicable to all information technology projects;


    The Information Security Analyst reports to the Chief Information Security Officer and receives general direction in performing duties in accordance with established guidelines.



    Assists with the development and implementation of the Enterprise Information Security Program, including the following program components: vulnerability management and verification testing, security information and event management (SIEM), incident response, business continuity, control testing, and risk assessment;


    Drafts & maintains information security policy, guidance, and process and procedure documents in alignment with best practice information security policies, regulations, and standards;


    Develops & maintains a repository of reference documents for information security architectures and strategies, technical standards, and requirements, applicable to all information technology projects;


    Monitors changes to system configurations and security alerting;


    Observes and monitors the Court network, websites, applications, computers, and databases;


    Supports both internal and external audits as they relate to application access and Security Administration;


    Assists with monitoring of enterprise application configurations to ensure they meet the standards required by the Enterprise Information Security Program;


    Works with IT and business partners to ensure information security documents meet their needs;


    Works with outside consultants as appropriate for independent security audits and penetration tests;

    Supports the communication of policy and guidance documents to the wider organization;


    Maintains a high level of knowledge through training, participation in outside seminars and from professional publications and groups to ensure compliance with regulatory guidelines;


    Manages work to ensure all deliverables are met on a timely and quality basis;


    Provides on-call support as needed; and


    Performs other related duties as required.


    Ethics and Values

    Communicates and demonstrates the ethics and values of the Judicial Branch.


    Understands, upholds, and communicates the Judicial Branch and Information Services missions.

    Applied Knowledge

    Understands information services operations, specialized security vulnerability management tools, applications, and software.


    Continuous Learning

    Demonstrates a commitment to continuously improve their knowledge of fast-changing computer programs, hardware and software through professional development.

    Commitment to Diversity

    Promotes an environment of diversity through understanding, respect, and positive communication with persons of varies racial, ethnic, economic and cultural backgrounds.

    Customer Service

    Conducts oneself in a courteous and professional manner when assisting all employees of the Judiciary, regardless of their position in the Judiciary.


    Works with others cooperatively, demonstrating a willingness to be a team player, and contributing to a work environment that focuses on shared departmental goals.

    Problem Solving

    Accurately assesses workplace problems in TCIS and recommends and facilitates appropriate solutions.


    These are the minimum requirements necessary to apply for the position of Information Security Analyst for Judiciary Information Services:


    Bachelor's degree in a related field or CISSP or equivalent certification, relevant experience can be substituted for degree


    2+ years of experience within information security policy, administration or project management


    Expertise in understanding antivirus solutions, vulnerability scanning, data classification tools and SIEM required


    Significant experience with NIST Cybersecurity Framework, CIS Critical Security controls, or FEDRAMP standards is strongly encouraged


    Demonstrated experience with creating standard operating processes


    Documentation experience with the standard MS Office Suite, Visio, Project, and SharePoint


    Excellent organizational skills and the ability to meet deadlines


    Excellent oral and written communication skills targeted at a variety of technical and non-technical audiences


    Proven track record of building relationships with technical and nontechnical staff & vendors;


    Strong communication, customer service and interpersonal skills


    Ability to visit work sites and to assist at emergencies and/or events as needed;



    Applicants must apply by completing a Trial Court online application at the following web address: https://careers-trialcourtsofmass.icims.com/jobs/intro




    Employment is contingent upon passage of a criminal record check.


    If you are not currently viewing this posting online, please visit the Judicial Court Jobs website at www.mass.gov/courts to apply for this position or any other Trial Court employment opportunity.


    No applications or resumes will be accepted by hand, mail, fax, or email delivery.




    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed