Control Automation Analyst II (Information Systems Analyst II, Opt S)

Position Overview

Are you looking for a rewarding career with an organization that values their staff? The Department of Innovation & Technology (DoIT) is seeking to hire qualified candidates with the opportunity to work in a dynamic, creative thinking, problem solving environment. This position serves as a Control Automation Analyst II for the Department of Innovation & Technology (DoIT), performing complex, in-depth analysis of the DoIT Division of Information Security services delivered to State agencies and applies best practice guidelines, processes, and procedures related to the monitoring of the implementation and effectiveness of information security controls. Additionally, you will serve as a team leader for large projects.
If you possess these knowledges, skills, abilities, and experience, we invite you to apply for this position to join the DoIT Team!

As a State of Illinois employee, you receive a comprehensive benefits package including:

• Competitive Group Insurance benefits including health, life, dental and vision plans.
• Flexible work schedules (when available and dependent upon position).
• 10 -25 days of paid vacation time annually (10 days for first year of state employment).
• 12 days of paid sick time annually which carryover year to year.
• 3 paid personal business days per year.
• 13-14 paid holidays per year dependent on election years.
• 12 weeks of paid parental leave.
• Pension plan through the State Employees Retirement System.
• Deferred Compensation Program – voluntary supplemental retirement plan.
• Optional pre-tax programs -Medical Care Assistance Plan (MCAP) & Dependent Care Assistant Plan (DCAP).
• Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility.

For more information regarding State of Illinois Benefits follow this link: https://www2.illinois.gov/cms/benefits/Pages/default.aspx

Essential Functions

• Under administrative direction, serves as a Control Automation Analyst II for the Department of Innovation & Technology (DoIT), performing complex, in-depth analysis of the DoIT Division of Information Security services delivered to State agencies and applying best practice guidelines, processes, and procedures related to monitoring implementation and effectiveness of information security controls.
• Conducts compliance assessments and analyzes and interprets the results to provide recommendations to DoIT Information Security management, utilizing a risk-based approach to best protect State IT resources.
• Develops and successfully applies the strategic plans associated with DoIT policy, compliance, data security, user awareness, legal discovery, and other issues governing data security and compliance.
• Serves as a team leader for large multifaceted projects determining and coordinating project components such as project scheduling and assignments while independently planning, developing, and implementing techniques for gathering and interpreting data.
• Keeps abreast of new developments in the information technology field by continuing education through online training platforms, meetings, training sessions, seminars, and conferences to increase familiarity with and remain current on products, vendors, techniques, and procedures.
• Performs other duties as required or assigned which are reasonably within the scope of the duties enumerated above.

Minimum Qualifications

• Requires knowledge, skill, and mental development equivalent to four (4) years of college with coursework in computer science or directly related fields.
• Requires three (3) years of professional experience in System Services or a related Information Technology field.

Specialized Skills

• Requires three (3) years of professional experience implementing and managing the ServiceNow Audit Module including, planning, scheduling, tracking findings, documenting remediation efforts, configuring workflows, managing audit records, and ensuring alignment with organizational polices and external compliance requirements.
• Requires three (3) years of professional experience utilizing the ServiceNow Policy and Compliance Module to manage structured workflows for the review, approval, and ongoing monitoring of information security privacy policies and procedures, including, clearly communicating policy content to stakeholders.
• Requires three (3) years of professional experience reviewing security assessment data to identify potential risks, develop action plans for remediation, and tracking resolution efforts to reduce risk to an acceptable level.
• Requires three (3) years of professional information security experience applying regulatory IT control frameworks such as IRS Publication 1075 (Tax Information Security Guidelines) and the FBI Criminal Justice Information Services (CJIS), including communicating associated compliance requirements and risks to agency leadership.

Preferred Qualifications

• Three (3) years of professional experience implementing and managing the ServiceNow Audit Module including, planning, scheduling, tracking findings, documenting remediation efforts, configuring workflows, managing audit records, and ensuring alignment with organizational polices and external compliance requirements.
• Three (3) years of professional experience utilizing the ServiceNow Policy and Compliance Module to manage structured workflows for the review, approval, and ongoing monitoring of information security privacy policies and procedures, including, clearly communicating policy content to stakeholders.
• Three (3) years of professional experience reviewing security assessment data to identify potential risks, develop action plans for remediation, and tracking resolution efforts to reduce risk to an acceptable level.
• Three (3) years of professional information security experience applying regulatory IT control frameworks such as IRS Publication 1075 (Tax Information Security Guidelines) and the FBI Criminal Justice Information Services (CJIS), including communicating associated compliance requirements and risks to agency leadership.
• Three (3) years of professional experience conducting compliance assessments and interpreting results, using risk-based methodologies to inform IT risk mitigation strategies and safeguard critical systems and data.
• Working knowledge of information security data protection standards, including Personally Identifiable Information (PII) and Payment Card Industry (PCI) compliance.
• Ability to logically evaluate operational or procedural issues and recommend data-driven solutions.
• Ability to gain and maintain effective working relationships with associates, vendors, clients, and others.
• Ability to coordinate the activities of work associates to achieve project goals, including delegating tasks, monitoring progress, and ensuring adherence to quality standards.
• Developed verbal and written communication skills to convey complex technical information clearly and concisely to both technical and non-technical audiences.

Conditions of Employment

NOTE: Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position.

• Requires the ability to verify identity.
• Requires employment authorization to accept permanent full-time position with the State of Illinois.
• Requires the ability to pass a position specific, agency required background check and requires self-disclosure of criminal history.
• Requires the ability to travel in the performance of duties.
• Requires the ability to work outside of normal hours to meet deadlines.
• Requires the ability to use agency supplied equipment such as laptop, personal computer, work cell phone, etc.
• Requires the ability to work overtime including scheduled, unscheduled, short notice, evening, weekends, and holidays.
• Requires the ability to attend seminars, conferences, and training to remain current on methods, tools, ideologies, or other industry related topics relevant to job duties.
• Requires the ability to lift and carry objects or equipment weighing up to 10 pounds. This is considered sedentary work as defined by the U.S. Department of Labor (20 CFR 404.1567(a)). Sedentary work involves lifting no more than 10 pounds at a time and requires occasional lifting, carrying, walking, and standing.
• The conditions of employment listed are incorporated and/or related to any duties included in the position description.

About the Agency

The Department of Innovation & Technology (DolT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation, and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DolT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents, DolT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.