Live / Hiring Now
VOL. XLII · NO. 1 · MONDAY, JUNE 1, 2026 The Premium Career Edition · Job Listing Est. 2022
FULL_TIME Posted today
I/ IT / Software Employer · Boston

Information Security Administrator

Location
Boston, Massachusetts
Compensation
$100,000
Employment
FULL_TIME
Posted
today
Apply Now

Position Summary:

The Information Security Analyst is a hands?on technical role responsible for managing the firm’s enterprise vulnerability management program while supporting daily security monitoring and incident response activities. Under the supervision of the Information Security Manager, this role will lead the identification, prioritization, reporting, and remediation coordination of vulnerabilities across the firm’s systems and provide technical support for detection tuning and security tool configuration. This role sits with a small, highly collaborative, cross-functional team that provides cybersecurity and GRC capabilities to the firm. Our IT organization maintains an ISO/IEC 27001:2022 certification, and this role plays a key part in ensuring continued compliance with our ISMS program.

Primary Responsibilities:

Vulnerability Management

  • Operate, configure, and tune vulnerability scanning tools.
  • Validate vulnerabilities across endpoints, servers, applications, and cloud environments.
  • Distinguish between true positives, false positives, and vulnerabilities mitigated through compensating controls.
  • Prioritize findings using threat intelligence, EPSS, CVSS, and business impact.
  • Coordinate remediation efforts across IT teams and collaborate with those teams to ensure solutions fit the firm’s risk posture and needs.
  • Track remediation progress, manage risk exceptions, and escalate overdue high?risk items.
  • Maintain dashboards and reporting for leadership, ISO/IEC 27001, HIPAA, and client requests.
  • Support penetration test remediation and validation.

Security Monitoring & Incident Response

  • Monitor, analyze, and respond to alerts from SIEM, endpoint security, email security, and identity systems.
  • Perform Tier 1–2 incident triage and determine severity and scope.
  • Conduct investigations, collect evidence, support containment and eradication.
  • Document incidents and contribute to post?incident reviews.
  • Participate in on?call or rotation-based escalation as required.

Detection Engineering & Security Tool Support

  • Assist with tuning SIEM, EDR, and other security tools.
  • Support onboarding of new log sources.
  • Validate new detection logic.
  • Maintain SOAR workflows related to vulnerabilities.
  • Support configuration hardening activities.

This role requires 60% in office presence; remote work is permissible 40% of the time.

Qualifications:

  • 3–5 years of experience in vulnerability management or security operations.
  • Experience with vulnerability scanners (Nessus, Rapid7, Qualys, Defender TVM).
  • Understanding of CVE/CVSS, EPSS, and remediation.
  • Experience with SIEM, EDR, or email hygiene tools (Splunk, Sentinel, Rapid7, Defender, CrowdStrike, Proofpoint, Mimecast).
  • Ability to support incident investigations.
  • Familiarity with ISO/IEC 27001, NIST CSF, and HIPAA safeguards.
  • Strong analytical and communication skills.
  • Ability to ‘own the problem’ and work tasks, incidents, or projects to completion.
  • Ability to function in a fast-paced, service-oriented environment, prioritize multiple projects on a daily basis, and adjust to shifting priorities.
  • Strong planning, project management and organizational skills.
  • Strong sense of urgency.
  • Facility analyzing, working with and presenting data.
  • Ability to collaborate and gain the respect, trust, and confidence of the Firm’s attorneys and professional staff.
  • Creative and proactive approach to problem solving.
  • Facilitate teamwork and identify opportunities to develop new processes/infrastructure.
  • Demonstrated ability to grasp and implement new concepts quickly.
  • Strong analytical abilities, resourcefulness, and attention to detail.
  • Ability to work independently and as part of a team with a proactive and positive style that fosters collaborative working relationships.
  • Outstanding sense of customer service.
  • Deep personal commitment to integrity, excellent judgment, and the highest standards of ethics.
  • Must display the highest level of diplomacy, tact and discretion, with comfort in handling and maintaining confidential information.

Preferred Qualifications

  • Experience in legal or regulated environments.
  • Certifications such as Security+, CySA+, GSEC, or equivalent.
  • Familiarity with SOAR automations.

How to apply.

Apply through TopOneHire and we forward your application to the hiring employer. TopOneHire is a publisher and listings platform — we do not screen, interview, or make hiring decisions.

Apply Now

Similar roles.

All Specialty & Cross-Industry →
01 Employer (Multi-Industry) · Fredonia Maintenance TechnicianFULL_TIME Fredonia, New York $22.00/hr 02 IT / Software Employer · Boston ServiceNow Platform LeaderFULL_TIME Boston, Massachusetts $150,000 03 Corporate Administrative Employer · Farmington Insurance Administrative SpecialistFULL_TIME Farmington, Connecticut $63,000 04 Accounting Firm · Weston Payroll SpecialistFULL_TIME Weston, Massachusetts $72,800