GRC Compliance Specialist I (INFORMATION SERVICES SPECIALIST I - OPTION S) (UMP)

We continually strive for a workforce that reflects the growing diversity within the State of Illinois. A variety of employee backgrounds, perspectives, ideas and experiences are crucial to our ability to most effectively serve the public. Bilingual skills welcome.

Reasonable Accommodation Statement

The State of Illinois is committed to working with and providing reasonable accommodations to people with disabilities. Further, federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job, interview for a job, or for any other activity related to the hiring process. Examples of reasonable accommodation include, but are not limited to, making a change to the application process (if possible), providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

To be provided a Reasonable Accommodation during the hiring process, you will need to provide a certification of disability from a physician, psychiatrist, school official or an Illinois Department of Human Services (DHS) Division of Rehabilitation Services (DRS) Vocational Rehabilitation (VR) Counselor. Supporting documentation should be uploaded under My Documents → Additional Documents section for each application.

Any questions on Reasonable Accommodations can be directed to Central Management Services Disability Resource Center at CMS.DisabilityResCen@illinois.gov or call (217) 524-7514 for further information and to request or discuss an accommodation.

Sponsorship for Employment

The State of Illinois does not provide sponsorship for employment visa status (e.g. H-1B visa status). To be considered for permanent employment with the State of Illinois, applicants must be currently authorized to work in the United States on a full-time basis.

Disclosure of Salary Information

In compliance with the Illinois Equal Pay Act, 820 ILCS 112/1 et seq., the State does not seek, request, or require a job applicant’s wage or salary history.  Employment decisions are not made based on an applicant’s wage or salary history.  To that end, please do not include wage or salary information in your resume or other profile or application materials.

Date:  Nov 18, 2022
Location:  Springfield, IL, US, 62702-5170

Job Requisition ID:  20863

Agency :  Department of Innovation and Technology 

Posting Date: 11/21/2022
Closing Date/Time: 12/06/2022
 
Salary:   $4,738 - $6,964  
Job Type:   Salaried Full Time  
County:   Sangamon  
Number of Vacancies:   5  
Plan/BU:   RC063  

 

This position is a union position; therefore, provisions of the relevant collective bargaining agreement/labor contract apply to the filling of this position.

 

All applicants who want to be considered for this position MUST apply electronically through the illinois.jobs2web.com website. State of Illinois employees should click the link near the top left to apply through the SuccessFactors employee career portal.

Applications submitted via email or any paper manner (mail, fax, hand delivery) will not be considered.

 

Posting Identification Number  20863

Performs, but is not limited to performing, the following duties for the Department of Innovation and Technology: supports the agency's IT Governance, Risk and Compliance program in the Division of Information Security as directed by the Chief Information Security Officer and authorized managers; works with experienced security, technical, and auditing personnel to monitor, assess, appraise, evaluate, and manage the agency's adherence to published policies and procedures and generally accepted best business practices that protect the confidentiality, integrity, and availability of IT resources; works as a team member and/or as directed by authorized staff in monitoring, observing, interviewing, verifying, and validating agency practices in order to benchmark against standards and produce a gap analysis using industry standards such as FISMA/NIST, PCI/DSS, ISO, HIPAA, and others; develops and/or contributes to improvement of IT controls and compliance inventory, models, applications, process, and/or tools that confirm and/or document a satisfactory level of assurance; utilizes and applies internally developed as well as commonly available products and/or practices in the completion of assigned work such as any agency designed compliance maturity model, any Symantec Corp or similar compliance product, MS Office products, SQL, SharePoint, etc.; assists higher level staff in the delivery of customer service. If you possess these skills, we invite you to apply for this position with DoIT!

Job Responsibilities

30% Under immediate supervision, supports the agency's IT Governance, Risk and Compliance program in the Division of Information Security as directed by the Chief Information Security Officer and authorized managers:

  • Works with experienced security, technical, and auditing personnel in the Governance, Risk and Compliance program to monitor, assess, appraise, evaluate, and manage the agency's adherence to published policies and procedures and generally accepted best business practices that protect the confidentiality, integrity, and availability of IT resources

30% Works as a team member and/or as directed by authorized staff in monitoring, observing, interviewing, verifying, and validating agency practices in order to benchmark against standards and produce a gap analysis using industry standards such as FISMA/NIST, PCI/DSS, ISO, HIPAA, and others:

  • Travels to monitor, observe, interview, train, continue education, etc.
  • Interacts with technical and administrative professionals within, as well as outside, the agency to facilitate information sharing, knowledge exchange, process improvement, and a community of practice
  • Responds to calls for assistance on a statewide basis

20% Develops and/or contributes to improvement of IT controls and compliance inventory, models, applications, process, and/or tools that confirm and/or document a satisfactory level of assurance that agency practice meets or exceeds management expectations:

  • Participates in or conducts training educating stakeholders in compliance policies, procedures, practices, etc.
  • Travels statewide to various locations in performance of duties.

10% Utilizes and successfully applies internally developed as well as commonly available products and/or practices in the completion of assigned work such as any agency designed compliance maturity model, any Symantec Corp or similar compliance product, MS Office products, SQL, SharePoint, etc.

5% As assigned assists higher level staff in the delivery of customer service, information assurance processes, and/or meeting the overall mission of the agency.

5% Performs other duties as required or assigned which are reasonably within the scope of duties enumerated above.

Knowledge, Skills, and Abilities

Minimum Qualifications:

  1. Knowledge, skill, and mental development equivalent to completion of two years of college with coursework in computer science, management information systems, IT auditing, or a related field; OR satisfactory completion of an agency sponsored training program

Specialized Skills:

  1. Requires education and knowledge as outlined in FISMA/NIST
  2. Requires education and knowledge as outlined in PCI/DSS and ISO
  3. Requires education and knowledge as outlined in HIPAA
  4. Requires education and knowledge as outlined in MS Office Suite products
  5. Requires education and knowledge as outlined in SQL, Crystal Reports, and SharePoint
  6. Requires knowledge of information assurance (IA) principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.

Preferred Qualifications (In Order of Significance):

  1. Good oral and written communication skills to present technical information to non-technical decision makers with clarity and precision
  2. Knowledge of methods used to monitor and measure risk, compliance, and assurance efforts
  3. Knowledge of methods used to monitor and evaluate a system's compliance with information technology (IT) security, resilience, and dependability requirements
  4. Knowledge of security compliance processes and/or audits for external services (e.g., cloud service providers, data centers)
  5. Education and knowledge as outlined above in FISMA/NIST
  6. Education and knowledge as outlined above in PCI/DSS and ISO
  7. Education and knowledge as outlined above in HIPAA
  8. Education and knowledge as outlined above in MS Office Suite products
  9. Education and knowledge as outlined above in SQL, Crystal Reports, and SharePoint
  10. Knowledge of information assurance (IA) principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation 

Employment Conditions

  1. Requires ability to travel
  2. Requires use of agency-supplied equipment (mobile phone, laptop, etc.)
  3. Requires ability to successfully complete employer-provided training courses
  4. Requires satisfactory completion of a fingerprint-based background check as defined in the Department of Justice, Federal Bureau of Investigation Criminal Justice Information Services (CJIS) Security Policy, Internal Revenue Service Publication 1075 and background check done by the Illinois State Police.

Education Major

Work Hours:  Monday - Friday 8:30AM - 5:00PM  
Work Location: 120 W Jefferson St Springfield, IL 62702-5170  
Agency Contact:  Tristan.J.Molumby@illinois.gov

Job Family:  Technology  

 

This position DOES contain “Specialized Skills” (as that term is used in CBAs).

 

APPLICATION INSTRUCTIONS

Use the “Apply” button at the top right or bottom right of this posting to begin the application process.

If you are not already signed in, you will be prompted to do so. 

State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon. 

Non-State employees should log in using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon. If you have never before signed in, you will be prompted to create an account.

If you have questions about how to apply, please see the following resources:

State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid

Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.

 

The Department of Innovation & Technology (DoIT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DoIT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents. DoIT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.

 

The main form of communication will be through email. Please check your “junk mail”, “spam”, or “other” folder for communication(s) regarding any submitted application(s). You may receive emails from the following addresses:

  • donotreply@SIL-P1.ns2cloud.com
  • systems@SIL-P1.ns2cloud.com