IT Security Audit Compliance Coordinator (Public Service Administrator, Option 3)

Springfield, IL, US, 62762

State of Illinois


Agency: Department of Innovation and Technology
Position Title: Public Service Administrator, Option 3

Posting Date: 9/10/2024

Closing Date/Time: 09/23/2024
Salary: Anticipated Starting Salary $7,966/month. Full Range: $7,966 - $11,759/month
Job Type:   Salaried
Category: Full Time 
County:   Sangamon 
Number of Vacancies:   1
Plan/BU: RC063

 

This position is a union position; therefore, provisions of the relevant collective bargaining agreement/labor contract apply to the filling of this position.

 

All applicants who want to be considered for this position MUST apply electronically through the illinois.jobs2web.com website. State of Illinois employees should click the link near the top left to apply through the SuccessFactors employee career portal.

Applications submitted via email or any paper manner (mail, fax, hand delivery) will not be considered.

 

Posting Identification Number  41252 

 

Are you looking for a rewarding career with an organization that values its staff? The Department of Innovation & Technology (DoIT) is seeking to hire qualified candidates with the opportunity to work in a dynamic, creative thinking, problem solving environment. This position serves as the IT Security Audit Compliance Coordinator responsible for directing, managing, and providing leadership for the organization’s information security and compliance program. In this role you will develop, implement and maintain an information security program that meets or exceeds the requirements of industry regulations, standards, policies and legal requirements. The successful candidate will need to be highly analytical and professional, communicate effectively, and possess excellent organizational skills. If you possess this knowledge and these skills, abilities, and experience, we invite you to apply for this position to join the DoIT Team!

 

As a State of Illinois employee, you receive a comprehensive benefits package including:

  • Competitive Group Insurance benefits including health, life, dental and vision plans.
  • Flexible work schedules (when available and dependent upon position)
  • 10-25 days of paid vacation time annually (10 days for first year of state employment)
  • 12 days of paid sick time annually, which carry over year to year
  • 3 paid personal business days per year
  • 13-14 paid holidays per year dependent on election years
  • 12 weeks of paid parental leave
  • Pension plan through the State Employees Retirement System
  • Deferred Compensation Program – voluntary supplemental retirement plan
  • Optional pre-tax programs: Medical Care Assistance Plan (MCAP) & Dependent Care Assistance Plan (DCAP)
  • Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility

 

For more information regarding State of Illinois Benefits follow this link: https://www2.illinois.gov/cms/benefits/Pages/default.aspx

Essential Functions

25%  Subject to administrative direction, serves as the IT Security Audit Compliance Coordinator for the Department of Innovation & Technology (DoIT) supporting the Department of Human Services (DHS):

  • Performs functions as the department's audit liaison with Federal, State, and internal auditors in conjunction with the Office of the Statewide Chief Information Security Officer.
  • Gathers documentation and information requested by auditors in relation to information systems.
  • Prepares responses to audit findings using best practices as defined in Control Objectives for Information and Related Technologies (COBIT).
  • Prepares reports and recommends reviews to address related audit findings and corrective actions to include plan of action and milestones.
  • Reviews documentation to ensure adherence to DoIT and DHS standards and procedures through liaison with internal audit for quality assurance related audits. 
  • Represents the division at audit entrance and exit conferences.

 

20%  Plans the development and publication of the standards manual including application development of mainframe applications, web-based applications, client-server technology and networks:

  • Develops and revises standards and procedures allowing for the incorporation of the most recent technology tools such as divergent operating environment applications including Windows, AIX (and similar platforms).
  • Drafts and enacts office procedures. 
  • Reviews standards and processes to ensure compliance with Federal and State laws, DoIT Enterprise Information Security Policies, and DHS directives, policies, regulations, guidelines, and industry best practices including National Institute of Standards and Technology (NIST) cybersecurity guidelines and its Risk Management Framework (RMF).
     

Essential Functions, Continued

20%  Assists in providing employees of the agency, other entities, and external entities authorized access to agency data, systems, and applications:

  • Monitors reports and documents to verify proper access and assists in revoking access when required. 
  • Reviews reports and documentation to ensure users are grouped accordingly and that permissions are based on need to know and required to perform job duties and responsibilities.

 

15%  Serves as the division's Disaster Recovery Coordinator under the direction of DoIT's Disaster Recovery Manager:

  • Directs the review and modernization of the Agency's data processing Disaster Recovery Plan in alignment with best practices as defined by the Disaster Recovery Institute International (DRII). 
  • Develops and maintains all data-related Inter-Agency Agreements as required regarding the exchange of computerized data with other State or non-State entities.

 

15%  Serves as a working supervisor:

  • Assigns and reviews work.
  • Provides guidance and training of assigned staff.
  • Counsels staff regarding work performance.
  • Reassigns staff to meet day-to-day operating needs.
  • Establishes annual goals and objectives.
  • Approves time off.
  • Prepares and signs performance evaluations.

 

5%  Performs other duties as required or assigned which are reasonably within the scope of the duties enumerated above.
 

Minimum Qualifications

  1. Requires knowledge, skill, and mental development equivalent to completion of four (4) years of college.  
  2. Requires three (3) years of progressively responsible experience in management information systems, data processing, telecommunications. 

Specialized Skills

  1. Requires three (3) years of progressively responsible administrative experience in Information Technology audit compliance regulations such as Business Continuity and Disaster Recovery as defined by the Disaster Recovery Institute International (DRII) or similar standards.
  2. Requires three (3) years of progressively responsible administrative experience with security risk standards such as the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) and NIST Risk Management Framework (RMF).
  3. Requires three (3) years of progressively responsible administrative experience with control standards such as COBIT or related technologies.
  4. Requires three (3) years of professional experience supervising professional information technology staff.

Preferred Qualifications (In Order of Significance)

  1. Three (3) years of progressively responsible administrative experience in Information Technology audit compliance regulations such as Business Continuity and Disaster Recovery as defined by the Disaster Recovery Institute International (DRII) or similar standards.
  2. Three (3) years of progressively responsible administrative experience with security risk standards such as the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) and NIST Risk Management Framework (RMF).
  3. Three (3) years of progressively responsible administrative experience with control standards such as COBIT or related technologies.
  4. Three (3) years of professional experience supervising professional information technology staff.
  5. Three (3) years of professional experience applying project management concepts.
  6. Three (3) years professional experience supporting enterprise-wide security compliance programs designed to anticipate, assess, and minimize control gaps and audit findings.
  7. Extensive knowledge of some of the major regulatory frameworks (e.g., PCI DSS, HIPAA, MARS-E, IRS Pub 1075).
  8. Three (3) years professional experience reviewing information from audits to ensure resolutions have been satisfactorily implemented or to determine if further action is necessary.
  9. Developed verbal and written communication skills to present technical information to others with clarity and precision.
  10. Certifications in information security or compliance (CISSP, CISM, CRISC, CISA).

Conditions of Employment

Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position. 

  1. Requires the ability to verify identity.
  2. Requires employment authorization to accept permanent full-time position with the State of Illinois.
  3. Requires the ability to pass a position specific, agency required background check.
  4. Requires self-disclosure of criminal history. 
  5. Requires the ability to travel in performance of duties.
  6. Requires the ability to work outside of normal hours to meet deadlines.
  7. Requires the ability to serve in an on-call capacity.
  8. Requires the ability to work overtime including scheduled, unscheduled, short notice, evenings, weekends, and holidays.
  9. Requires the ability to attend seminars, conferences, and training to remain current on methods, tools, ideologies, or other industry related topics relevant to job duties.
  10. Requires the ability to lift and carry objects or equipment weighing up to 10 pounds. This is considered sedentary work as defined by the U.S. Department of Labor (20 CFR 404.1567(a)). Sedentary work involves lifting no more than 10 pounds at a time and requires occasional lifting, carrying, walking, and standing. 
     

The conditions of employment listed here are incorporated and related to any of the job duties as listed in the job description.     

Work Hours:  M-F 8:30am - 5:00pm  
Work Location: 100 South Grand Ave E, Springfield, Illinois, 62762  
Agency Contact:  Lois Green

Email: lois.d.green@illinois.gov

Posting Group:  Leadership & Management  

 

This position DOES contain “Specialized Skills” (as that term is used in CBAs).

 

The Department of Innovation & Technology (DoIT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation, and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DoIT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents. DoIT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.

 

APPLICATION INSTRUCTIONS

Use the “Apply” button at the top right or bottom right of this posting to begin the application process.

If you are not already signed in, you will be prompted to do so. 

State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon. 

Non-State employees should log in using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon. If you have never signed in before, you will be prompted to create an account.

If you have questions about how to apply, please see the following resources:

State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid

Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.

 

The main form of communication will be through email. Please check your “junk mail”, “spam”, or “other” folder for communication(s) regarding any submitted application(s). You may receive emails from the following addresses:

  • donotreply@SIL-P1.ns2cloud.com
  • systems@SIL-P1.ns2cloud.com

Tags: Audits CISA CISM CISO CISSP Cloud COBIT Compliance CRISC HIPAA Mainframe NIST PCI DSS POA&M Risk management RMF Travel Windows

Perks/benefits: Career development Competitive pay Conferences Flex hours Flex vacation Health care Insurance Medical leave Parental leave

Region: North America
Country: United States
