Apply on Employer Site

Minnesota IT Services · 1 day ago

Information Security Engineer - Risk and Compliance Lead

St Paul, MN

Full-time

Hybrid

Senior Level

$83K/yr - $142K/yr

5+ years exp

Minnesota IT Services is the information technology agency for the State of Minnesota, dedicated to delivering secure and reliable technology solutions. The role of Information Security Engineer - Risk and Compliance Lead involves shaping and strengthening the Information Security Program, focusing on Governance, Risk, and Compliance to protect the state's critical information and systems.

AppsInformation TechnologyIT Infrastructure

Comp. & Benefits

No H1B

Responsibilities

Mentor and train team members to build skills, share knowledge, and promote best practices

Design and Implement security controls that meet state and federal standards

Coordinate and support audits, both internal and external; help develop corrective action plans and track progress

Lead security assessments from planning through completion, including defining scope, assigning tasks, monitoring progress, and ensuring timely delivery

Prepare and maintain security documentation, such as System Security Plans (SSPs), Plans of Action and Milestones (POAMs), and other required documentation

Monitor and report on compliance with security policies and regulatory requirements

Acting as a primary liaison with federal agency partners to support compliance efforts, security assessments, and audit engagements

Collaborate with IT and business teams to integrate security into projects and daily operations; provide subject matter expertise as needed

Represent the security team in meetings, audits, and planning sessions as an expert in information security governance, risk, and compliance

Promote a culture of security awareness, encouraging proactive identification and mitigation of risks

Qualification

GRC experienceSecurity governanceRisk assessmentUnix/Linux/WindowsAzure experienceCISSP certificationTechnical documentationCommunication skillsCustomer-focused approach

Required

Position requires a minimum of five (5) years of IT related experience in information security engineer or related information security role

Experience serving in the role of Team Lead, Principal or Architect level position

GRC experience leading federal regulatory reviews and compliance activities, coordinating audits, developing policies, or reporting on security metrics

Experience with security governance, risk assessment, and compliance management

Comfortable working with Unix, Linux, and Windows operating systems, and familiar with the tools used to manage them

Able to create or review technical documentation and make sure it's clear and accurate

Demonstrated ability to communicate clearly and effectively in a manner that facilitates mutual understanding

Customer-focused approach grounded in active listening, empathy, and solution-oriented problem-solving to deliver positive user experiences

Education in Information Technology (IT) or an IT related field may substitute for experience as follows: a master's degree for eighteen (18) months of experience; a bachelor's degree for one (1) year; and an associate's degree for six (6) months

Preferred

Strong Azure experience, specifically within the IAM, architecture, compliance and security areas

Certified Information Systems Security Professional (CISSP) or the ability to certify within one (1) year of hire

Other technologies or certifications: CISA, CISM, Security+, MS Azure or other relevant information security certification

Experienced in using risk management tools

Benefits

Paid vacation and sick leave

12 paid holidays each year

Low-cost medical, dental, vision, and prescription drug plans

Fertility care, including IVF

Diabetes care

Dental and orthodontic care for adults and children

6 weeks paid leave for parents of newborn or newly adopted children

Pension plan that provides income when you retire (after working at least three years)

Employer paid life insurance to provide support for your family in the event of death

Short-term and long-term disability insurance that can provide income if you are unable to work due to illness or injury

Tax-free expense accounts for health, dental, and dependent care

Resources that provide support and promote physical, emotional, social, and financial well-being

Training, classes, and professional development

Tuition reimbursement

Federal Public Service Loan Forgiveness Program (Some positions may qualify for the Public Service Loan Forgiveness Program. For more information, visit the Federal Student Aid website at studentaid.gov)

Employee Assistance Program (EAP) for work/life support

A voluntary confidential program that helps employees and their families with life challenges that may impact overall health, personal well-being, or job performance

Common sources of stress can be addressed through the EAP: mental health, relationship challenges (personal and work), grief and loss, finances, and legal issues

Daily Living/Convenience Services: Chore services, home repair, trip planning, child/elder care