State of Minnesota
Information Security Engineer - Risk Assessment - ITS4
State of Minnesota, Saint Paul, Minnesota, United States, 55130
Working Title: Information Security Engineer - Risk Assessment
Job Class: Information Technology Specialist 4
Agency: Minnesota IT Services
Job ID
: 81217
Location
: St. Paul
Telework Eligible
: Yes #LI-Hybrid
Full/Part Time
: Full-Time
Regular/Temporary
: Unlimited
Who May Apply
: Open to all qualified job seekers
Date Posted
: 10/29/2024
Closing Date
: 11/12/2024
Hiring Agency/Seniority Unit
: Minnesota IT Services
Division/Unit
: Office of Enterprise Tech / Enterprise GRC
Work Shift/Work Hours
: Day Shift
Days of Work
: Monday - Friday
Travel Required
: No
Salary Range:
$36.52 - $60.24 / hourly; $76,253 - $125,781 / annually
Job Class Option
: Information Security
Classified Status
: Classified
Bargaining Unit/Union
: 214 - Professional Employees (MAPE)
FLSA Status
: Exempt - Administrative
Designated in Connect 700 Program for Applicants with Disabilities (https://mn.gov/mmb/careers/diverse-workforce/people-with-disabilities/connect700/) : Yes
The work you'll do is more than just a job.
At the State of Minnesota, employees play a critical role in developing policies, providing essential services, and working to improve the well-being and quality of life for all Minnesotans. The State of Minnesota is committed to equity and inclusion, and invests in employees by providing benefits, support resources, and training and development opportunities.
Join the 2,600+ professionals of Minnesota IT Services (https://mn.gov/mnit/about-mnit/careers/) (MNIT) who connect Minnesotans to services that will improve their lives. This position will be part of the Enterprise Security team, which embeds security protection statewide.
As an Information Security Engineer with the Minnesota IT Services (MNIT), you will play a critical role in analyzing, developing, and implementing administrative and technical information security strategies aligned with the state's strategic objectives. This position focuses on ensuring that Minnesota's information assets are protected against internal and external threats by identifying vulnerabilities and providing risk treatment plans.
In this advanced technical role, you will be responsible for driving governance, risk and compliance efforts across the state, including leading the statewide cyber risk quantification (CRQ) initiatives. In addition, you will collaborate with cross-functional teams to enhance the security posture and ensure the effective management of security risks.
This position is currently eligible for full-time telework:
Telework (https://mn.gov/mmb-stat/policies/1422-telework.pdf) for Minnesota IT Services allows an employee to perform work from a telework location and an employee may be required to be in the office based on business needs and other dependencies in St. Paul, Minnesota.
Only candidates located in Minnesota and bordering states (Iowa, North Dakota, South Dakota, or Wisconsin) are telework eligible.
Minimum Qualifications
Candidates must clearly demonstrate all of the following qualifications in their resume.
Resume tips here. (https://mn.gov/mnit/about-mnit/careers/hiringprocess.jsp)
:
Position requires a minimum of four (4) years of IT experience in information security.
Experience must include:
Conducting/coordinating information security risk assessments.
Analyzing data from risk assessments to determine overall risk to organization's information assets.
Effectively communicating risk to leadership, including recommending ways to address/mitigate risk that is outside organization's risk appetite or tolerance.
Experience applying regulatory requirements that have a direct relationship to information security (e.g. NIST, IRS 1075, HIPAA, PCI, ACA, etc.)
Ability to deliver effective verbal or written messages that facilitate a mutual understanding on both parties.
Customer service skills that include active listening, empathy, and problem-solving.
A master’s degree in Information Technology or an IT related field substitutes for three (3) years of experience, OR an IT related bachelor’s degree substitutes for two (2) years, OR an IT related associate’s degree substitutes for one (1) year.
Preferred Qualifications
Experience with Factor Analysis of Information Risk (FAIR).
Knowledge of the Information Security Common Body of Knowledge and other widely accepted information security principles.
Familiar with mainframe, LAN, and network technologies.
Experience with SAFE One.
Ability to apply web-based security and/or related e-business security principles.
Certification in Information Security (CISSP, CISA, MSCE, BCP).
Skill in risk management sufficient to identify risks before they become issues and develop effective mitigation plans.
Negotiation skills sufficient to find consensus with diverse groups of individuals, both technical and non-technical.
Additional Requirements
It is the policy of Minnesota IT Services that a successful candidate must pass all legally required checks prior to employment which may consist of the following:
SEMA4 Records Check (applies to current and past state employees only)
Criminal History Check
Reference Check
Social Security and Address Verification
Education Verification
CJIS Background Check
Other legally required checks
Minnesota IT Services does not participate in E-Verify. Minnesota IT Services will not sponsor applicant for work visas, including F-1 STEM OPT extensions. All applicants must be legally authorized to work in the United States.
AN EQUAL OPPORTUNITY EMPLOYER
Minnesota State Colleges and Universities is an Equal Opportunity employer/educator committed to the principles of diversity. We prohibit discrimination against qualified individuals based on their race, sex, color, creed, religion, age, national origin, disability, protected veteran status, marital status, status with regard to public assistance, sexual orientation, gender identity, gender expression, or membership in a local commission as defined by law. As an affirmative action employer, we actively seek and encourage applications from women, minorities, persons with disabilities, and individuals with protected veteran status.
Reasonable accommodations will be made to all qualified applicants with disabilities. If you are an individual with a disability who needs assistance or cannot access the online job application system, please contact the job information line at 651-259-3637 or email careers@state.mn.us . Please indicate what assistance is needed.
Job Class: Information Technology Specialist 4
Agency: Minnesota IT Services
Job ID
: 81217
Location
: St. Paul
Telework Eligible
: Yes #LI-Hybrid
Full/Part Time
: Full-Time
Regular/Temporary
: Unlimited
Who May Apply
: Open to all qualified job seekers
Date Posted
: 10/29/2024
Closing Date
: 11/12/2024
Hiring Agency/Seniority Unit
: Minnesota IT Services
Division/Unit
: Office of Enterprise Tech / Enterprise GRC
Work Shift/Work Hours
: Day Shift
Days of Work
: Monday - Friday
Travel Required
: No
Salary Range:
$36.52 - $60.24 / hourly; $76,253 - $125,781 / annually
Job Class Option
: Information Security
Classified Status
: Classified
Bargaining Unit/Union
: 214 - Professional Employees (MAPE)
FLSA Status
: Exempt - Administrative
Designated in Connect 700 Program for Applicants with Disabilities (https://mn.gov/mmb/careers/diverse-workforce/people-with-disabilities/connect700/) : Yes
The work you'll do is more than just a job.
At the State of Minnesota, employees play a critical role in developing policies, providing essential services, and working to improve the well-being and quality of life for all Minnesotans. The State of Minnesota is committed to equity and inclusion, and invests in employees by providing benefits, support resources, and training and development opportunities.
Join the 2,600+ professionals of Minnesota IT Services (https://mn.gov/mnit/about-mnit/careers/) (MNIT) who connect Minnesotans to services that will improve their lives. This position will be part of the Enterprise Security team, which embeds security protection statewide.
As an Information Security Engineer with the Minnesota IT Services (MNIT), you will play a critical role in analyzing, developing, and implementing administrative and technical information security strategies aligned with the state's strategic objectives. This position focuses on ensuring that Minnesota's information assets are protected against internal and external threats by identifying vulnerabilities and providing risk treatment plans.
In this advanced technical role, you will be responsible for driving governance, risk and compliance efforts across the state, including leading the statewide cyber risk quantification (CRQ) initiatives. In addition, you will collaborate with cross-functional teams to enhance the security posture and ensure the effective management of security risks.
This position is currently eligible for full-time telework:
Telework (https://mn.gov/mmb-stat/policies/1422-telework.pdf) for Minnesota IT Services allows an employee to perform work from a telework location and an employee may be required to be in the office based on business needs and other dependencies in St. Paul, Minnesota.
Only candidates located in Minnesota and bordering states (Iowa, North Dakota, South Dakota, or Wisconsin) are telework eligible.
Minimum Qualifications
Candidates must clearly demonstrate all of the following qualifications in their resume.
Resume tips here. (https://mn.gov/mnit/about-mnit/careers/hiringprocess.jsp)
:
Position requires a minimum of four (4) years of IT experience in information security.
Experience must include:
Conducting/coordinating information security risk assessments.
Analyzing data from risk assessments to determine overall risk to organization's information assets.
Effectively communicating risk to leadership, including recommending ways to address/mitigate risk that is outside organization's risk appetite or tolerance.
Experience applying regulatory requirements that have a direct relationship to information security (e.g. NIST, IRS 1075, HIPAA, PCI, ACA, etc.)
Ability to deliver effective verbal or written messages that facilitate a mutual understanding on both parties.
Customer service skills that include active listening, empathy, and problem-solving.
A master’s degree in Information Technology or an IT related field substitutes for three (3) years of experience, OR an IT related bachelor’s degree substitutes for two (2) years, OR an IT related associate’s degree substitutes for one (1) year.
Preferred Qualifications
Experience with Factor Analysis of Information Risk (FAIR).
Knowledge of the Information Security Common Body of Knowledge and other widely accepted information security principles.
Familiar with mainframe, LAN, and network technologies.
Experience with SAFE One.
Ability to apply web-based security and/or related e-business security principles.
Certification in Information Security (CISSP, CISA, MSCE, BCP).
Skill in risk management sufficient to identify risks before they become issues and develop effective mitigation plans.
Negotiation skills sufficient to find consensus with diverse groups of individuals, both technical and non-technical.
Additional Requirements
It is the policy of Minnesota IT Services that a successful candidate must pass all legally required checks prior to employment which may consist of the following:
SEMA4 Records Check (applies to current and past state employees only)
Criminal History Check
Reference Check
Social Security and Address Verification
Education Verification
CJIS Background Check
Other legally required checks
Minnesota IT Services does not participate in E-Verify. Minnesota IT Services will not sponsor applicant for work visas, including F-1 STEM OPT extensions. All applicants must be legally authorized to work in the United States.
AN EQUAL OPPORTUNITY EMPLOYER
Minnesota State Colleges and Universities is an Equal Opportunity employer/educator committed to the principles of diversity. We prohibit discrimination against qualified individuals based on their race, sex, color, creed, religion, age, national origin, disability, protected veteran status, marital status, status with regard to public assistance, sexual orientation, gender identity, gender expression, or membership in a local commission as defined by law. As an affirmative action employer, we actively seek and encourage applications from women, minorities, persons with disabilities, and individuals with protected veteran status.
Reasonable accommodations will be made to all qualified applicants with disabilities. If you are an individual with a disability who needs assistance or cannot access the online job application system, please contact the job information line at 651-259-3637 or email careers@state.mn.us . Please indicate what assistance is needed.