Information Security & Audit Compliance Manager (SENIOR PUBLIC SERVICE ADMINISTRATOR Option 3)
State of Illinois
- Springfield, IL
- Permanent
- Full-time
- Competitive Group Insurance benefits including health, life, dental and vision plans
- Flexible work schedules (when available and dependent upon position)
- 10 -25 days of paid vacation time annually (10 days for first year of state employment)
- 12 days of paid sick time annually which carryover year to year
- 3 paid personal business days per year
- 13-14 paid holidays per year dependent on election years
- 12 weeks of paid parental leave
- Pension plan through the State Employees Retirement System
- Deferred Compensation Program – voluntary supplemental retirement plan
- Optional pre-tax programs -Medical Care Assistance Plan (MCAP) & Dependent Care Assistant Plan (DCAP)
- Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility
- Manages the Department of Human Services (DHS) state-wide information system security process.
- Administers security policies, programs and initiatives aligning them with the business objectives of DoIT/DHS.
- Confers with the Department of Innovation & Technology (DoIT) to coordinate state-wide security policy implementation in alignment with enterprise security architecture, National Institute of Standards and Technology (NIST), Cyber Security Framework (CSF), Rick Management Framework (RMF) and Control Objectives for Information and Related Technologies (COBIT) Standards.
- Develops DoIT/DHS Information Security Policies, Business Continuity and Disaster Recovery best practices and processes as defined by the Disaster Recovery Institute International (DRII) standards.
- Manages processes for responding to Freedom of Information Act (FOIA) and similar requests from DHS management.
- Assigns and reviews work.
- Provides guidance and training to assigned staff.
- Counsels staff regarding work performance.
- Reassigns staff to meet day-to-day operating needs.
- Establishes annual goals and objectives.
- Approves time off.
- Adjusts first level grievances.
- Effectively recommends and imposes discipline, up to and including discharge.
- Prepares and signs performance evaluations.
- Determines and recommends staffing needs.
- Independently or through subordinate staff, interfaces with other state and federal agencies regarding audits, data sharing agreements, and other information security-related issues.
- Resolves disputes with requesting staff in the event requests are denied or modified through the approval process.
- Keeps abreast of new developments in the Information Technology field by attending training, conferences, and seminars.
- Requires knowledge, skill, and mental development equivalent to completion of four (4) years college preferably with coursework in computer science, management information systems, information technology or related fields.
- Requires four (4) years of progressively responsible administrative experience in Information Technology Audits and Security.
- Requires three (3) years of experience supervising a team of IT professionals
- Four (4) years of professional experience working with the National Institute of Standards and Technology (NIST), Cyber Security Framework (CSF), NIST Risk Management Framework (RMF) and Control Objectives for Information and Related Technologies (COBIT) framework.
- Four (4) years of professional experience with Information Security Policies, Business Continuity and Disaster Recovery best practices, processes as defined by the Disaster Recovery Institute International (DRII), and/or similar standards.
- Four (4) years of professional experience managing an IT system security program for a public or private organization.
- Four (4) years of professional experience developing information system security policies and procedures for a large public or private organization.
- Four (4) years of professional experience working with internal and external information technology audits for a public or private organization.
- Ability to analyze administrative problems and adopt an effective course of action.
- Ability to develop and maintain cooperative working relationships.
- Demonstrated verbal and written communication skills.
- Certification in one or more of the following: Certified Information Systems Security Professional (CISSP – ISC (2)); Certified Information Security Manager (CISM - ISACA); Certified Information Systems Auditor (CISA – ISACA); Certified Business Continuity Professional (BCP – DRI International); Governance, Risk and Compliance Certification (CGRC – ISC (2)); Certified Risk and Information Systems Control.
- Requires employment authorization to accept permanent full-time position with the State of Illinois
- Requires ability to pass a position specific, agency required background check.
- Requires ability to work outside of normal business hours to meet deadlines.
- Requires ability to use agency-supplied equipment (cell phone, laptop, etc.).
- Requires ability to attend seminars, conferences, and trainings to stay current on methods, tools, ideologies, or other industry related topics relevant to the job duties.
- Requires ability to lift and carry objects weighing up to 20 pounds. This is considered light work as defined by the U.S. Department of Labor (20 CFR 404.1567(b)). Light work involves lifting no more than 20 pounds at a time with frequent lifting or carrying of objects weighing up to 10 pounds.
- Requires the ability to travel in performance of duties.
- Requires the ability to serve in an on-call capacity.
Posting Group: Leadership & Management; Science, Technology, Engineering & MathematicsThe Department of Innovation & Technology (DolT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DolT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents, DolT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.Revolving Door:
Certain provisions of the revolving door restrictions contained in 5 ILCS 430/5-45 apply to this position. As a result, the employee should be aware that if offered non-State employment during State employment or within one year immediately after ending State employment, the employee shall, prior to accepting any such non-State employment offer, notify the Office of the Executive Inspector General for the Agencies of the Illinois Governor (“OEIG”) or may be subject to a fine.Term Appointment:
Candidates hired into a term position shall be appointed for a term of 4 years and are subject to a probationary period. The term may be renewed for successive four-year terms at the Director of the Department of Innovation and Technology’s discretion.The main form of communication will be through email. Please check your “junk mail”, “spam”, or “other” folder for communication(s) regarding any submitted application(s). You may receive emails from the following addresses:
- donotreply@SIL-P1.ns2cloud.com
- systems@SIL-P1.ns2cloud.com