INFORMATION SYSTEMS ANALYST II Opt M (Information Security and Risk Officer)

Agency: Department of Innovation and Technology
Start Date: 09/21/2023

Closing Date/Time: 10/04/2023
Salary: $6,805.00 – $10,333.00/month CBA Applies – Anticipated starting salary for non-state is $6,805.00/month
Job Type: Salaried Full Time
County: Sangamon
Number of Vacancies: 1
Plan/BU: RC063

This position is a union position; therefore, provisions of the relevant collective bargaining agreement/labor contract apply to the filling of this position.

All applicants who want to be considered for this position MUST apply electronically through the illinois.jobs2web.com website. State of Illinois employees should click the link near the top left to apply through the SuccessFactors employee career portal.

Applications submitted via email or any paper manner (mail, fax, hand delivery) will not be considered.

TRANSCRIPTS ARE REQUIRED. IF TRANSCRIPTS ARE NOT UPLOADED, YOU WILL NOT BE CONSIDERED FOR THIS POSITION.

Posting Identification Number 31014

The Department of Innovation & Technology (DoIT) is seeking to hire qualified candidates with the opportunity to work in a dynamic, creative thinking, problem solving environment. This position serves as the Information Security and Risk Officer supporting the Department of Insurance (DOI). In this role you will lead strategic risk management for data security ensuring compliance with state and federal standards. In addition, you will conduct technical research for optimal risk mitigation and recommend implementation of security policies. This position performs innovative technology planning while ensuring seamless project coordination and provides expert guidance to foster a secure and cutting-edge IT environment. If you possess this knowledge and these skills, abilities and experience, we invite you to apply and join the DoIT Team!

As a State of Illinois employee, you receive a comprehensive benefits package including:

  • Competitive Group Insurance benefits including health, life, dental and vision plans.
  • Flexible work schedules (when available and dependent upon position)
  • 10-25 days of paid vacation time annually (10 days for first year of state employment)
  • 12 days of paid sick time annually which carry over year to year
  • 3 paid personal business days per year
  • 13-14 paid holidays per year dependent on election years
  • 12 weeks of paid maternity/paternity leave.
  • Pension plan through the State Employees Retirement System
  • Deferred Compensation Program – voluntary supplemental retirement plan
  • Optional pre-tax programs – Medical Care Assistance Plan (MCAP) & Dependent Care Assistance Plan (DCAP)
  • Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility

For more information regarding State of Illinois Benefits follow this link:

https://www2.illinois.gov/cms/benefits/Pages/default.aspx

Job Responsibilities

35% Under administrative direction, serves as the Information Security and Risk Officer for the Department of Innovation & Technology (DoIT), supporting the Department of Insurance (DOI):

  • Administers security policies, programs and initiatives aligning them with the business objectives of DOI.
  • Performs complex professional and advisory functions in administering risk management functions related to the identification, assessment and remediation of data security risks presented by in-house information software and hardware technologies.
  • Coordinates and conducts complex technical support and delivery of security policy, standards, processes, procedures and guidelines using industry best practices and Agency identified framework.
  • Conducts and coordinates in-depth technical research on interactions with all business areas to identify information risk components, internal security controls and compliance with risk mitigation methods.
  • Coordinates with, assists and supports Agency’s GRC team in conducting risk assessments as scheduled
  • Completes management and audit reports and tracks remediation efforts.
  • Administers security related policies and procedures and coordinates related training and Cyber Security awareness activities.
  • Administers and evaluates the agency’s business continuity plan and serves as the IT disaster preparedness coordinator responsible for analysis, design, development, testing, implementation, and review of the agency’s disaster recovery plan.
  • Provides guidance and advice concerning security activities to staff.
  • Stays abreast of current state and federal compliance requirements and initiates changes as needed.
  • Tracks third-party vendor due diligence activities and maintains compliance schedules.
  • Reviews third-party vendor contractual agreements and third-party audit reports for regulatory compliance
  • Coordinates information systems activities with internal and external auditors.
  • Performs reviews for compliance with the Fiscal Control and Internal Audit Act and completes related surveys.
  • Updates the Information Systems Internal Control Reference and the policies, standards and procedures documentation to ensure IT equipment loss is properly documented
  • Completes forms to process claim reimbursements.
  • Utilizes IT security controls including National Institute of Standards and Technology (NIST) standards in performance of duties.

30% Coordinates network planning, administration, and operations activities:

  • Monitors security vulnerabilities and updates with provided tools to coordinate appropriate fixes with assigned teams
  • Develops network and system requirements and reviews existing systems to evaluate and recommend new procedures and techniques to improve effectiveness.
  • Plans and coordinates system and hardware configurations, installations and removals.
  • Implements and carries out systems tuning to improve systems and software performance and to optimize hardware installation.
  • Maintains information logs for equipment locations, client access, software use and other system statistics and prepares system documentation.
  • Maintains access control of the Department’s computer resources including Resource Allocation Control Facility (RACF).
  • Coordinates access authorizations to external systems.
  • Coordinates Active Directory administration including organization unit and group policy implementation, responsible for implementation, maintenance, and monitoring of daily data backups.
  • Maintains comprehensive documentation describing network and operational considerations.

15% Serves as project coordinator:

  • Determines and coordinates project components including project scheduling and assignments to ensure agency meets and maintains regulatory compliance.
  • Assigns and reviews the work of project staff.
  • Provides expertise, guidance and direction to staff.
  • Provides status reports to the supervisor regarding project completion and staff performance on projects.

10% Functions as IT liaison interacting with other state agencies and outside entities, including agencies of other states, the federal government, and the National Association of Insurance Commissioners (NAIC) to coordinate security for sharing of data:

  • Researches and reports on security violations and statistics

5% Keeps abreast of new developments in the Information Technology (IT) field:

  • Continues education by attending meetings, training sessions, seminars and conferences to increase familiarity with and remain current on IT products, vendors, techniques and procedures.
  • Attends demonstrations and exhibitions related to assigned operations

5% Performs other duties as required or assigned which are reasonably within the scope of the duties enumerated above.

Minimum Qualifications

  1. Requires knowledge, skill, and mental development equivalent to four (4) years of college with course work in computer science or directly related fields.
  2. Requires three (3) years of professional experience related to cybersecurity administration, risk assessment, networking infrastructure, or a related Information Technology field.

Specialized Skills

  1. Requires three (3) years of professional experience with IT security controls including National Institute of Standards and Technology (NIST) standards.
  2. Requires three (3) years of professional experience with data security including encryption, intrusion detection, firewalls and virus protection.

Preferred Qualifications (In Order of Significance)

  1. Three (3) years of professional experience with IT security controls including National Institute of Standards and Technology (NIST) standards.
  2. Three (3) years of professional experience with data security including encryption, intrusion detection, firewalls and virus protection.
  3. Three (3) years of professional experience with Threat Intelligence or Vulnerability Management.
  4. Three (3) years of professional experience managing, administering, and maintaining institutional technology infrastructure, including network connectivity, Internet access, wireless access and email.
  5. Three (3) years of professional experience with coordinating or leading projects.
  6. Extensive knowledge of LAN/WAN topologies and architecture.
  7. Extensive knowledge of office automation tools such as Word and Excel.
  8. Ability to analyze data logically and exercise sound judgment in defining and evaluating problems of an operational or procedural nature.
  9. Ability to gain and maintain effective working relationships with associates, vendors, clients, and others.
  10. Ability to coordinate the activities of work associates to achieve desired results.
  11. Developed verbal and written communication skills to present technical information to others with clarity and precision.
  12. Certifications related to Information Security such as CISSP, GSEC, CRISC etc.
  13. Certifications related to networking infrastructure.

Conditions of Employment

  1. Requires ability to travel.
  2. Requires ability to pass a position specific, agency required background check.
  3. Requires ability to work outside of normal business hours to meet deadlines.
  4. Requires ability to use agency-supplied equipment (cell phone, laptop, etc.).
  5. Requires ability to attend seminars, conferences, and trainings to stay current on methods, tools, ideologies, or other industry related topics relevant to the job duties.
  6. Requires ability to lift and carry objects weighing up to 20 pounds. This is considered light work as defined by the U.S. Department of Labor (20 CFR 404.1567(b)). Light work involves lifting no more than 20 pounds at a time with frequent lifting or carrying of objects weighing up to 10 pounds.

Work Hours: M-F / 8:30am – 5:00pm
Work Location: 320 W Washington St Springfield, IL 62767-1000
Agency Contact: Lois D. Green, lois.d.green@illinois.gov

Job Family: Science, Technology, Engineering & Mathematics

This position DOES contain “Specialized Skills” (as that term is used in CBAs).

The Department of Innovation & Technology (DoIT) is the state’s IT agency delivering an enterprise approach to statewide technology, innovation, and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DoIT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents. DoIT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.

APPLICATION INSTRUCTIONS

Use the “Apply” button at the top right or bottom right of this posting to begin the application process.

If you are not already signed in, you will be prompted to do so.

State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon.

Non-State employees should log in using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon. If you have never before signed in, you will be prompted to create an account.

If you have questions about how to apply, please see the following resources:

State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid

Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.

The main form of communication will be through email. Please check your “junk mail”, “spam”, or “other” folder for communication(s) regarding any submitted application(s). You may receive emails from the following addresses:

  • donotreply@SIL-P1.ns2cloud.com
  • systems@SIL-P1.ns2cloud.com

Job Category: Science and Engineering
Job Type: unspecified
Salary: USD 6,805.00 per month
Country: United States
City: Springfield
Career Level: unspecified
Company: State of Illinois
Job Source: https://illinois.jobs2web.com/job/Springfield-INFORMATION-SYSTEMS-ANALYST-II-Opt-M-%28Information-Security-and-Risk-Officer%29-IL-62767/1078331600/