What are the responsibilities and job description for the Information Security & Audit Compliance Manager (SPSA Opt. 3) position at illinois?
Job Requisition ID: 45232
Posting Date: 03/05/2025
Closing Date/Time: 03/18/2025
Agency: Department of Innovation and Technology
Class Title: SENIOR PUBLIC SERVICE ADMINISTR - 40070
Skill Option: Management Information System/Data Processing/Telecommunications
Bilingual Option: None
Salary: Anticipated Starting Salary: $10,417-$11,250/Monthly ($125,000-$135,000/Annually)
Job Type: Salaried
Category: Full Time
County: Sangamon
Number of Vacancies: 1
Plan/BU: Term Appointment
****A RESUME IS REQUIRED FOR THIS JOB POSTING****
Please attach a DETAILED Resume/Curriculum Vitae (CV), a copy of your transcripts or diploma for all degrees
earned, and a copy of any applicable professional licensures to the MY DOCUMENTS section of your
application. Please note that the Department of Innovation and Technology must verify proof of higher education for
any degree earned (if applicable) before any offer can be extended. You WILL NOT be considered for the
position if you attach a CMS100, CMS100b or any other document in lieu of a Resume or CV.
Job Identification # 45232
Why Work for Illinois?
Working with the State of Illinois is a testament to the values of compassion, equity, and dedication that define our state. Whether you’re helping to improve schools, protect our natural resources, or support families in need, you’re part of something bigger—something that touches the lives of every person who calls Illinois home.
No matter what state career you’re looking for, we offer jobs that fit your life and your schedule—flexible jobs that provide the gold standard of benefits. Our employees can take advantage of various avenues to advance their careers and realize their dreams. Our top-tier benefits and great retirement packages can help you build a rewarding career and lasting future with the State of Illinois.
Are you looking for a rewarding career with an organization that values their staff? The Department of Innovation & Technology (DoIT) is seeking to hire qualified candidates with the opportunity to work in a dynamic, creative thinking, problem solving environment. This position serves as the Information Security & Audit Compliance Manager to lead our team supporting the Department of Human Services (DHS). The DoIT Team at DHS is leading a transformation to modernize the way citizens interact with the State of Illinois agency responsible for providing a wide variety of services to Illinois residents. The DoIT team at DHS is seeking to hire a candidate with strong technical and people skills to serve as the Information Security & Audit Compliance Section Manager responsible for managing DHS state-wide information system security process. The successful candidate will need to be highly analytical, professional, communicate effectively, and possess excellent organizational skills. If you possess these knowledges, skills, abilities, and experience, we invite you to apply for this position to join the DoIT Team!
As a State of Illinois employee, you receive a comprehensive benefits package including:
-
Competitive Group Insurance benefits including health, life, dental and vision plans.
-
Flexible work schedules (when available and dependent upon position)
-
10 -25 days of paid vacation time annually (10 days for first year of state employment)
-
12 days of paid sick time annually which carryover year to year
-
3 paid personal business days per year
-
13-14 paid holidays per year dependent on election years
-
12 weeks of paid parental leave
-
Pension plan through the State Employees Retirement System
-
Deferred Compensation Program – voluntary supplemental retirement plan
-
Optional pre-tax programs -Medical Care Assistance Plan (MCAP) & Dependent Care Assistant Plan (DCAP)
-
Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility
For more information regarding State of Illinois Benefits follow this link: https://www2.illinois.gov/cms/benefits/Pages/default.aspx
Essential Functions
- Subject to management approval, serves as the Information Security & Audit Compliance Manager for the Department of Innovation & Technology (DoIT), supporting the Department of Human Services (DHS) managing the agency’s state-wide information system security process.
- Serves as full-line supervisor.
- Oversees internal and external audit and compliance processes related to DoIT/DHS information systems.
- Independently, and with the support of subordinate staff, ensures the proper application of processes for approving or denying user requests for access to DoIT/DHS-specific information systems.
- Develops, implements, and monitors information system security controls for system access across DHS in accordance with IDHS, DoIT, and other state/federal requirements.
- Performs other duties as assigned or required which are reasonably within the scope of duties enumerated above.
Minimum Qualifications
- Requires knowledge, skill, and mental development equivalent to completion of four (4) years college preferably with coursework in computer science, management information systems, information technology, or related fields.
- Requires four (4) years of progressively responsible administrative experience in Information Technology Audits and Security.
- Requires three (3) years of experience supervising a team of IT professionals.
Preferred Qualifications
- Four (4) years of professional experience managing an IT system security program including implementing and managing enterprise IT security policies in alignment with NIST Cybersecurity Framework (CSF), Risk Management Framework (RMF), and Control Objectives for Information and Related Technologies (COBIT) framework for a public or private organization.
- Four (4) years of professional experience in developing, implementing, and managing Information Security Policies, Business Continuity Plans, and Disaster Recovery processes, with a strong understanding of best practices and standards defined by the Disaster Recovery Institute International (DRII) and similar frameworks.
- Four (4) years of professional experience developing and administering security policies, programs, and initiatives that align with organizational business objectives and enterprise security architecture for a large public or private organization.
- Four (4) years of professional experience managing state-wide or large-scale processes for responding to regulatory compliance audits, including FOIA and other information requests including working with internal and external information technology auditors.
- Three (3) years of experience leading technical teams, including overseeing performance evaluations, providing training, managing disciplinary actions, and aligning team objectives with organizational goals.
- Ability to analyze complex technical systems, identify risks and opportunities and interpret data-driven insights to develop strategic solutions in support of organizational and security objectives.
- Ability to develop and maintain collaborative relationships with diverse stakeholders, fostering strategic partnerships that drive organizational success and align with shared goals.
- Demonstrated verbal and written communication skills with the ability to clearly convey complex technical concepts to diverse audiences, produce concise and precise documentation, and foster collaboration across organizational levels to achieve strategic goals.
- Certification in one or more of the following: Certified Information Systems Security Professional (CISSP – ISC (2); Certified Information Security Manager (CISM - ISACA); Certified Information Systems Auditor (CISA – ISACA); Certified Business Continuity Professional (BCP – DRI International); Governance, Risk and Compliance Certification (CGRC – ISC (2); Certified Risk and Information Systems Control.
Conditions of Employment
NOTE: Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position.
- Requires the ability to verify identity.
- Requires employment authorization to accept permanent full-time position with the State of Illinois
- Requires ability to pass a position specific, agency required background check.
- Requires self-disclosure of criminal history.
- Requires ability to work outside of normal business hours to meet deadlines.
- Requires ability to use agency-supplied equipment (cell phone, laptop, etc.).
- Requires ability to attend seminars, conferences, and trainings to stay current on methods, tools, ideologies, or other industry related topics relevant to the job duties.
- Requires ability to lift and carry objects weighing up to 20 pounds. This is considered light work as defined by the U.S. Department of Labor (20 CFR 404.1567(b)). Light work involves lifting no more than 20 pounds at a time with frequent lifting or carrying of objects weighing up to 10 pounds.
- Requires the ability to travel in performance of duties.
- Requires the ability to serve in an on-call capacity.
The conditions of employment listed are incorporated and/or related to any duties included in the position description.
Work Hours: Monday-Friday 8:30-5:00pm
Work Location: Springfield - 100 South Grand Ave E
Agency Contact:
Brittany Vespa
Brittany.Vespa2@Illinois.gov
Posting Group: Leadership & Management
Term Appointment:
Candidates hired into a term position shall be appointed for a term of 4 years and are subject to a probationary period. The term may be renewed for successive four-year terms at the Director of the Department of Innovation and Technology’s discretion.
The Department of Innovation & Technology (DolT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation, and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DolT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents, DolT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.
The main form of communication will be through email. Please check your “junk mail”, “spam”, or “other” folder for communication(s) regarding any submitted application(s). You may receive emails from the following addresses:
- donotreply@SIL-P1.ns2cloud.com
- systems@SIL-P1.ns2cloud.com
Salary : $125,000 - $135,000
