Job Details
Job ID: 5517035
Job Description
REPORTS TO: Chief Technology Officer
POSITION OVERVIEW:
Senior Cybersecurity Analyst resides in the Office of Information and Instructional Technology (OIIT) within the Division of Data, Information, and Systems Improvement of the Boston Public Schools, reporting to the Chief Technology Officer. The Senior Cybersecurity Analyst plays a critical role in safeguarding the district's digital infrastructure, ensuring a secure, reliable, and effective technology environment for students, staff, and administrators across the K-12 school district. This position is responsible for managing security at both the network perimeter and the end-user device level, overseeing content filtering, remote access, and device management systems. The Senior Cybersecurity Analyst will serve in a senior role within OIIT. The Senior Cybersecurity Analyst will also be responsible for having an advanced-level knowledge of Cybersecurity Frameworks, Tools, Attack Vectors, and Prevention and Remediation Methods.
RESPONSIBILITIES :
Network and Endpoint Security Management
Design, implement, and maintain security policies, standards, and procedures for the district's network and end-user devices.
Monitor security systems for threats, vulnerabilities, and incidents. Respond to and resolve all detected security events promptly and effectively.
Manage and configure firewalls, intrusion detection/prevention systems (IDS/IPS), and other network security appliances.
Oversee antivirus/anti-malware solutions and endpoint detection and response (EDR) tools on all managed devices.
Remote Access and Zero Trust Framework
Manage, configure, and maintain the secure remote access infrastructure, adhering strictly to the Zero Trust Architecture (ZTA) / Zero Trust Framework principles.
Implement and enforce "Never Trust, Always Verify" policies, requiring continuous, risk-based verification for every user and device accessing district resources.
Replace or augment traditional VPN functionality with solutions that provide granular, least-privilege access (Zero Trust Network Access - ZTNA), ensuring users and devices connect only to the specific applications or resources necessary for their role.
Mandate and manage Multi-Factor Authentication (MFA) for our users, especially for all remote access and key administrative systems
Develop, document, and automate clear procedures for the provisioning, continuous monitoring, and secure revocation of remote access based on user role and device posture.
Monitor and validate the security posture and compliance of all connecting endpoints (e.g., up-to-date patches, EDR/AV status) before granting access.
Content Filtering and Compliance
Administer, configure, and fine-tune the district's enterprise-level content filtering platform (DNS-based, proxy, or cloud-based).
Ensure the content filtering solution is continuously maintained and compliant with the Children's Internet Protection Act (CIPA) and all other federal, state, and district-specific acceptable use policies for students and staff.
Develop and manage granular filtering rules (category, keyword, and URL-based) that balance security with necessary educational access and instructional needs.
Manage the process for reviewing and responding to user requests for website unblocking or categorization adjustments, ensuring a quick turnaround for instructional continuity.
Monitor, analyze, and generate detailed compliance and usage reports on internet activity, identifying trends, potential policy violations, and high-risk usage patterns.
Work collaboratively with educational technology staff to test and validate filtering policies on various district devices and grade levels.
Device Management (MDM/UEM)
Administer the Mobile Device Management (MDM) or Unified Endpoint Management (UEM) platform for all district-owned devices (e.g., Chromebooks, laptops, tablets, and desktops).
Perform secure device provisioning, configuration, deployment, and lifecycle management.
Ensure all endpoints are properly patched, configured with mandated security controls, and inventoried.
Collaboration and partnership with the City of Boston's Cybersecurity and I.T. teams
Other duties as assigned
Qualifications - Required:
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a closely related field.
Five (5) or more years of progressively responsible experience in cybersecurity, information security, or IT security operations, including experience in a senior or lead technical role.
Demonstrated hands-on experience securing both network infrastructure and end-user devices, including:
Firewalls and network security appliances.
Endpoint protection and endpoint detection and response (EDR) tools
Antivirus and anti-malware solutions
Experience monitoring, investigating, and responding to cybersecurity incidents, threats, and vulnerabilities using security monitoring tools and established response procedures.
Strong working knowledge of Zero Trust Architecture (ZTA) concepts, including identity-based access, least-privilege access, and continuous verification.
Experience managing secure remote access technologies, including multi-factor authentication (MFA), endpoint posture validation, and role-based access controls.
Experience administering and maintaining enterprise-level content filtering solutions, including configuration, policy enforcement, reporting, and compliance monitoring.
Knowledge of Children's Internet Protection Act (CIPA) requirements and experience supporting compliance through technical controls and reporting.
Experience administering Mobile Device Management (MDM) or Unified Endpoint Management (UEM) platforms for large device fleets (e.g., Chromebooks, laptops, tablets, desktops).
Ability to develop, document, and enforce cybersecurity policies, standards, procedures, and technical controls.
Strong analytical, troubleshooting, documentation, and communication skills, with the ability to translate technical security issues into clear guidance for non-technical stakeholders.
Qualifications - Preferred:
Master's degree in Cybersecurity, Information Assurance, Risk Management, Public Administration, or a related field.
Experience working in a K-12 school district, higher education, or public-sector environment, particularly in large, distributed organizations.
Advanced experience implementing or operating Zero Trust Network Access (ZTNA) solutions or modern VPN alternatives.
Familiarity with cybersecurity frameworks and standards, including:
NIST Cybersecurity Framework (CSF)
CIS Critical Security Controls
Zero Trust maturity models
Experience generating and analyzing security, compliance, and usage reports to identify trends, risks, and policy violations.
Experience collaborating with instructional technology, educational technology, or academic stakeholders to balance security requirements with instructional access.
Professional cybersecurity certifications such as CISSP, GIAC, CEH, CySA+, Security+, or equivalent, or the ability to obtain certification within a specified period.
Experience mentoring staff, serving as a senior technical escalation point, or providing cybersecurity guidance across teams.
Terms: Managerial, C52 ($116,738)
The Boston Public Schools, in accordance with its nondiscrimination policies, does not discriminate on the basis of race, color, age, criminal record, physical or mental disability, pregnancy or pregnancy-related conditions, homelessness, sex/gender, gender identity, religion, national origin, ancestry, sexual orientation, genetics, natural or protective hairstyle, military status, immigration status, English language proficiency, or any other factor prohibited by law in its programs and activities. BPS does not tolerate any form of retaliation, or bias-based intimidation, threat or harassment that demeans individuals' dignity or interferes with their ability to work or learn. If you require an accommodation pursuant to the ADA for the application process, please contact the Accommodations Unit at accommodations@bostonpublicschools.org.
Position Type: Central Office
Salary: $116,738.00 1.0 FTE
Job Requirements
Citizenship, residency or work visa required
Contact Information
Boston Public Schools, Office of Human Resources
2300 Washington Street
Roxbury, Massachusetts 02119
Email: hiringprocess@bostonpublicschools.org
