Apply on Employer Site

Minnesota IT Services · 12 hours ago

Information Security Engineer

St Paul, MN

Full-time

Hybrid

Senior Level, Lead/Staff

$83K/yr - $142K/yr

5+ years exp

Minnesota IT Services is a team of over 2,800 professionals dedicated to improving the lives of Minnesotans through technology. They are seeking a Principal Information Security Engineer to lead the protection of the state's vital information and systems, focusing on Governance, Risk, and Compliance (GRC) to foster a strong security culture within the organization.

AppsInformation TechnologyIT Infrastructure

Comp. & Benefits

No H1B

Responsibilities

Mentor and train team members to build skills, share knowledge, and promote best practices

Design and Implement security controls that meet state and federal standards

Coordinate and support audits, both internal and external; help develop corrective action plans and track progress

Lead security assessments from planning through completion, including defining scope, assigning tasks, monitoring progress, and ensuring timely delivery

Prepare and maintain security documentation, such as System Security Plans (SSPs), Plans of Action and Milestones (POAMs), and other required documentation

Monitor and report on compliance with security policies and regulatory requirements

Acting as a primary liaison with federal agency partners to support compliance efforts, security assessments, and audit engagements

Collaborate with IT and business teams to integrate security into projects and daily operations; provide subject matter expertise as needed

Represent the security team in meetings, audits, and planning sessions as an expert in information security governance, risk, and compliance

Promote a culture of security awareness, encouraging proactive identification and mitigation of risks

Qualification

GRC experienceSecurity governanceRisk assessmentUnix/Linux/WindowsTechnical documentationCommunication skillsCustomer-focused approach

Required

Minimum of five (5) years of IT related experience in information security engineer or related information security role

Experience serving in the role of Team Lead, Principal or Architect level position

GRC experience leading federal regulatory reviews and compliance activities, coordinating audits, developing policies, or reporting on security metrics

Experience with security governance, risk assessment, and compliance management

Comfortable working with Unix, Linux, and Windows operating systems, and familiar with the tools used to manage them

Able to create or review technical documentation and make sure it's clear and accurate

Demonstrated ability to communicate clearly and effectively in a manner that facilitates mutual understanding

Customer-focused approach grounded in active listening, empathy, and solution-oriented problem-solving to deliver positive user experiences

Preferred

Education in Information Technology (IT) or an IT related field may substitute for experience as follows: a master's degree for eighteen (18) months of experience; a bachelor's degree for one (1) year; and an associate's degree for six (6) months