Cybersecurity and Risk Compliance Manager

Job Title: Security & Risk Compliance Manager

Job Requisition ID: 49337

Closing Date: 09/04/2025

Salary: $8,281 a month

Work Hours: M-F 8:30AM - 5:00PM

Work Location: (Hybrid) 100 South Grand Ave E, Springfield, Illinois, 62762

Union Position: Yes

Work authorization: US work authorization required at time of application. No sponsorship available. Not eligible for F1 OPT/CPT. Positions are W2 only and cannot be converted to a contract position. If you have questions about your work authorization eligibility, please email doit.recruitment@illinois.gov. 

Questions? Email doit.recruitment@illinois.gov

Transcripts are required for consideration.

 

Are you looking for a rewarding career with an organization that values its staff? The Department of Innovation & Technology (DoIT) is seeking to hire qualified candidates with the opportunity to work in a dynamic, creative-thinking, problem-solving environment.

This position serves as the Security & Risk Compliance Manager for the Department of Innovation & Technology (DoIT) supporting the Illinois Department of Human Services (IDHS), in organizing, planning, executing, controlling, and evaluating management functions necessary to ensure a high level of information security, privacy, compliance, and continuity related to the Agency's computerized systems, including the Integrated Eligibility System (IES).

In this role, you will provide and maintain an effective and efficient process to give state and external entities authorized access to agency data. 

Additionally, you will serve as a working supervisor for the IES Security Analysts in assigning and reviewing work, providing guidance and training, establishing goals and objectives, and conducting performance evaluations. 

If you possess the knowledge, skills, abilities and experience, we invite you to apply for this position to join the DoIT Team!

 

Why Work for Illinois?

Working with the State of Illinois is a testament to the values of compassion, equity, and dedication that define our state. Whether you’re helping to improve schools, protect our natural resources, or support families in need, you’re part of something bigger—something that touches the lives of every person who calls Illinois home.

No matter what state career you’re looking for, we offer jobs that fit your life and your schedule—flexible jobs that provide the gold standard of benefits. Our employees can take advantage of various avenues to advance their careers and realize their dreams. Our top-tier benefits and great retirement packages can help you build a rewarding career and lasting future with the State of Illinois.

 

As a State of Illinois employee, you receive a comprehensive benefits package including:
•    Competitive Group Insurance benefits including health, life, dental and vision plans
•    Flexible work schedules (when available and dependent upon position)
•    10-25 days of paid vacation time annually (10 days for first year of state employment)
•    12 days of paid sick time annually, which carry over from year to year
•    3 paid personal business days per year
•    13-14 paid holidays per year dependent on election years
•    12 weeks of paid parental leave
•    Pension plan through the State Employees Retirement System
•    Deferred Compensation Program – voluntary supplemental retirement plan
•    Optional pre-tax programs: Medical Care Assistance Plan (MCAP) & Dependent Care Assistance Plan (DCAP)
•    Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility


For more information regarding State of Illinois Benefits follow this link: https://www2.illinois.gov/cms/benefits/Pages/default.aspx

 

Essential Functions

•    Under administrative direction, serves as the Security & Risk Compliance Manager for the Department of Innovation & Technology (DoIT) supporting the Illinois Department of Human Services (IDHS), organizing, planning, executing, controlling, and evaluating management functions necessary to ensure a high level of information security, privacy, compliance, and continuity related to the Agency's computerized systems, including the Integrated Eligibility System (IES).
•    Performs security and privacy risk assessments, identifies threats and risks to information, and provides potential corrective action alternatives.
•    Monitors and generates security authorization reporting systems which are developed to notify local managers of staff access, capabilities, and possible violations. 
•    Serves as working supervisor for IES Information Security Analysts. 
•    Develops, researches, and acquires security enhancements for the protection of agency resources and performs complex advisory and consultative assistance for all RACF coordinators.
•    Verifies that designs for new systems or revisions to existing systems possess adequate internal controls and maximum security resources, and ensures compliance with the Bureau's other information technology best practices.
•    Provides and maintains an effective and efficient violation reporting process, by analyzing the current violation reporting process, the collection and resubmission of responses, acknowledgement of responses, and updating of the reporting system. 
•    Keeps abreast of new developments in the information technology field by continuing education through online training platforms, meetings, training sessions, seminars, and conferences to increase familiarity with and remain current on products, vendors, techniques, and procedures. 
•    Performs other duties as required or assigned which are reasonably within the scope of the duties enumerated above.

 

Minimum Qualifications

•    Requires knowledge, skill, and mental development equivalent to the completion of four (4) years of college with coursework in management information systems, data processing, telecommunications, or a direct Information Technology related field.  
•    Requires prior experience equivalent to three (3) years of progressively responsible administrative experience in management information systems, data processing, or telecommunications in a public or business organization.

 

Preferred Qualifications

•    Three (3) years of professional experience managing IT security and privacy compliance efforts, including application continuity planning, disaster recovery coordination, and compliance with federal or state standards (e.g., NIST). 
•    Three (3) years of professional experience performing security risk assessments and identifying hardware, software, or procedural vulnerabilities, with documented mitigation plans aligned to internal security policies and frameworks such as NIST SP 800-53. 
•    Three (3) years of professional experience supervising a team of IT professionals, including assigning and reviewing work, mentoring, performance management, and aligning team performance with organizational priorities. 
•    Three (3) years of professional experience applying information security and privacy compliance principles related to system confidentiality, integrity, availability, and authentication in support of enterprise systems or applications.
•    Three (3) years of professional experience developing or implementing policies, procedures and controls for IT systems to support compliance with the NIST Cybersecurity Framework and related regulatory standards.
•    Two (2) years of professional experience handling sensitive or confidential information and ensuring secure transmission, access, and storage consistent with NIST or equivalent standards.
•    Ability to analyze operational data, evaluate security or compliance gaps, and develop actionable recommendations or procedural improvements.
•    Ability to gain and maintain professional working relationships with cross-functional teams, external partners, and vendors in support of security, access, or compliance functions.
•    Developed verbal and written communication skills to present technical information clearly and precisely to diverse audiences, including business users, development teams, and agency executives.
•    Certified Information Security Systems Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) certification.

 

 

Conditions of Employment

NOTE: Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position. 

•    Requires the ability to verify identity.
•    Requires employment authorization to accept a permanent full-time position with the State of Illinois.
•    Requires the ability to pass a position-specific, agency-required background check.
•    Requires self-disclosure of criminal history. 
•    Requires the ability to travel in the performance of duties.
•    Requires the ability to use agency supplied equipment such as laptop, personal computer, work cell phone and any other required equipment or devices.
•    Requires the ability to attend seminars, conferences, and training to remain current on methods, tools, ideologies or other industry-related topics relevant to job duties.
•    Requires the ability to lift and carry objects or equipment weighing up to 20 pounds. This is considered light work as defined by the U.S. Department of Labor (20 CFR 404.1567(b)). Light work involves lifting no more than 20 pounds at a time with frequent lifting or carrying of objects weighing up to 10 pounds. 

The conditions of employment listed are incorporated in and/or related to any duties included in the position description.