Share this Job

Risk Specialist I (INFORMATION SERVICES SPECIALIST I - OPTION S) (UMP)

We continually strive for a workforce that reflects the growing diversity within the State of Illinois. A variety of employee backgrounds, perspectives, ideas and experiences are crucial to our ability to most effectively serve the public. Bilingual skills welcome

Reasonable Accommodation Statement

The State of Illinois is committed to working with and providing reasonable accommodations to people with disabilities. Further, federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job, interview for a job, or for any other activity related to the hiring process. Examples of reasonable accommodation include, but are not limited to, making a change to the application process (if possible), providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

To be provided a Reasonable Accommodation during the hiring process, you will need to provide a certification of disability from a physician, psychiatrist, school official or an Illinois Department of Human Services (DHS) Division of Rehabilitation Services (DRS) Vocational Rehabilitation (VR) Counselor. Supporting documentation should be uploaded under My Documents → Additional Documents section for each application.

Any questions on Reasonable Accommodations can be directed to Central Management Services Disability Resource Center at CMS.DisabilityResCen@illinois.gov or call (217) 524-7514 for further information and to request or discuss an accommodation.

Sponsorship for Employment

The State of Illinois does not provide sponsorship for employment visa status (e.g. H-1B visa status). To be considered for permanent employment with the State of Illinois, applicants must be currently authorized to work in the United States on a full-time basis.

Disclosure of Salary Information

In compliance with the Illinois Equal Pay Act, 820 ILCS 112/1 et seq., the State does not seek, request, or require a job applicant’s wage or salary history.  Employment decisions are not made based on an applicant’s wage or salary history.  To that end, please do not include wage or salary information in your resume or other profile or application materials.

Date:  Nov 18, 2022
Location: 

Springfield, IL, US, 62702-5170

Job Requisition ID:  20860

Agency :  Department of Innovation and Technology 

Posting Date: 11/21/2022
Closing Date/Time: 12/06/2022
 
Salary:   $4,738 - $6,964  
Job Type:   Salaried Full Time  
County:   Sangamon  
Number of Vacancies:   5  
Plan/BU:   RC063  

 

This position is a union position; therefore, provisions of the relevant collective bargaining agreement/labor contract apply to the filling of this position.

 

All applicants who want to be considered for this position MUST apply electronically through the illinois.jobs2web.com website. State of Illinois employees should click the link near the top left to apply through the SuccessFactors employee career portal.

Applications submitted via email or any paper manner (mail, fax, hand delivery) will not be considered.

 

Posting Identification Number  20860

Performs, but is not limited to, the following duties for the Department of Innovation and Technology: performs limited assignments to support the daily operation of Risk Management programs; Assists in performing security reviews, the identification of gaps in security architecture, and the development of a security risk management plan; Assesses threats to and vulnerabilities of computer system(s) and assists in developing a security risk profile; Performs limited information security risk assessments and assists in designing security countermeasures to mitigate identified risks; Assists in providing input to the Risk Management Framework (RMF) process activities and related documentation (e.g., system lifecycle support plans, concept of operations, operational procedures, and maintenance training materials); Observes and receives formal and on-the-job training relating to governance, risk and compliance activities; Interprets patterns of non-compliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s information assurance (IA) program; Works with higher level staff as a team member to implement security designs and approaches to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed. If you possess these skills, we invite you to apply for this position with DoIT! 
 

Job Responsibilities

30% Under immediate supervision of the Risk Manager in Governance, Risk and Compliance (GRC); performs limited assignments to support the daily operation of Risk Management programs:

  • Assists in performing security reviews, the identification of gaps in security architecture, and the development of a security risk management plan; 
  • Assesses threats to and vulnerabilities of computer system(s) and assists in developing a security risk profile; 
  • Performs limited information security risk assessments and assists in designing security countermeasures to mitigate identified risks. 
  • Assists in coordinating risk management and risk assessment requests. 

25% Utilizes policies, standards and procedures within the Governance, Risk and Compliance to identify computer risks for all technology domains, including network, system, data and application:

  • Assists in providing input to the Risk Management Framework (RMF) process activities and related documentation (e.g., system lifecycle support plans, concept of operations, operational procedures, and maintenance training materials).

20% Conducts limited research and provides reports to higher level staff:

  • Observes and receives formal and on-the-job training relating to governance, risk and compliance activities. 
  • Interprets patterns of non-compliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s information assurance (IA) program.  
  • Confers with supervisors and management on risk levels and security posture.

(Job Responsibilities continued)

10% Works with higher level staff as a team member to implement security designs and approaches to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed:

  • Mitigates/corrects security deficiencies identified during security/certification testing, or identify risk acceptance for the appropriate senior leader or authorized representative.
  • Performs security reviews and identify security gaps in security architecture, resulting in recommendations for inclusion into the risk mitigation strategy.

10% Continues education by traveling to attend training sessions, seminars and conferences to increase familiarity with and maintain current on security products, vendors, techniques and procedures:

  • Monitors on-line information security related websites, blogs, articles, reports, as well as other security risk management sources to keep up-to-date on the latest security threats and trends.  

5% Performs other duties as required or assigned which are reasonably within the scope of duties enumerated above.

Knowledge, Skills, and Abilities

Minimum Qualifications:

1.    Requires knowledge, skill and mental development equivalent to completion of two years of college with course work in computer science, IT security, auditing, risk management or directly related fields; OR satisfactory completion of an agency sponsored training program.
Specialized Skills:

1.    Working knowledge of the Risk Management Framework Requirements.
2.    Working knowledge of risk management processes, including steps and methods for assessing risk.
3.    Working knowledge of information technology (IT) supply chain security/risk management policies, requirements, and procedures.
4.    Working knowledge of information assurance (IA) principles used to manage risks related to the use, processing, storage, and transmission of information or data.
Preferred Qualifications (In order of Significance:

1.    Good oral and written communication skills to present technical information to non-technical decision makers with clarity and precision.
2.    Elementary knowledge of risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
3.    Elementary knowledge of security reviews, identify gaps in security architecture, and of security risk management plans.
4.    Working knowledge of the Risk Management Framework Requirements.
5.    Working knowledge of risk management processes, including steps and methods for assessing risk.
6.    Working knowledge of information technology (IT) supply chain security/risk management policies, requirements, and procedures.
7.    Working knowledge of information assurance (IA) principles used to manage risks related to the use, processing, storage, and transmission of information or data
 

Employment Conditions

1.    Requires ability to travel.
2.    Requires satisfactory completion of a fingerprint-based background check as defined in the Department of Justice, Federal Bureau of Investigation Criminal Justice Information Services (CJIS) Security Policy, Internal Revenue Service Publication 1075 and background check done by the Illinois State Police. 
3.    Requires use of agency-supplied equipment (mobile phone, laptop, etc.).
 

Work Hours:  Monday - Friday 8:30AM - 5:00PM  
Work Location: 120 W Jefferson St Springfield, IL 62702-5170  
Agency Contact: Tristan.J.Molumby@illinois.gov

Job Family:  Technology  

 

This position DOES contain “Specialized Skills” (as that term is used in CBAs).

 

APPLICATION INSTRUCTIONS

Use the “Apply” button at the top right or bottom right of this posting to begin the application process.

If you are not already signed in, you will be prompted to do so. 

State employees should sign in to the career portal for State of Illinois employees – a link is available at the top left of the Illinois.jobs2web.com homepage in the blue ribbon. 

Non-State employees should log in on the using the “View Profile” link in the top right of the Illinois.jobs2web.com homepage in the blue ribbon.  If you have never before signed in, you will be prompted to create an account.

If you have questions about how to apply, please see the following resources:

State employees: Log in to the career portal for State employees and review the Internal Candidate Application Job Aid

Non-State employees: on Illinois.jobs2web.com – click “Application Procedures” in the footer of every page of the website.

 

The Department of Innovation & Technology (DolT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DolT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents, DolT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.

 

The main form of communication will be through email. Please check your “junk mail”, “spam”, or “other” folder for communication(s) regarding any submitted application(s). You may receive emails from the following addresses:

  • donotreply@SIL-P1.ns2cloud.com
  • systems@SIL-P1.ns2cloud.com