We use cookies to improve your experience on our site. To find out more, read our privacy policy.

Our Ability Jobs

Job Information

State of Minnesota Security Engineer Risk & Compliance Lead - ITS5 in St. Paul, Minnesota

Working Title: Security Engineer Risk & Compliance Lead

Job Class: Information Technology Specialist 5

Agency: Minnesota IT Services

  • Job ID : 84842

  • Location : St. Paul

  • Telework Eligible : Yes

  • Full/Part Time : Full-Time

  • Regular/Temporary : Unlimited

  • Who May Apply : Open to all qualified job seekers

  • Date Posted : 03/13/2025

  • Closing Date : 03/26/2025

  • Hiring Agency/Seniority Unit : Minnesota IT Services / MNIT Services - MAPE

  • Division/Unit : Enterprise Security

  • Work Shift/Work Hours : Day Shift

  • Days of Work : Monday - Friday

  • Travel Required : No

  • Salary Range: $39.14 - $66.92 / hourly; $81,724 - $139,728 / annually

  • Job Class Option : Information Security

  • Classified Status : Classified

  • Bargaining Unit/Union : 214 - MN Assoc of Professional Empl/MAPE

  • FLSA Status : Exempt - Professional

  • Designated in Connect 700 Program for Applicants with Disabilities (https://mn.gov/mmb/careers/diverse-workforce/people-with-disabilities/connect700/) : Yes

The work you'll do is more than just a job.

At the State of Minnesota, employees play a critical role in developing policies, providing essential services, and working to improve the well-being and quality of life for all Minnesotans. The State of Minnesota is committed to equity and inclusion, and invests in employees by providing benefits, support resources, and training and development opportunities.

Join the 2,800+ professionals of Minnesota IT Services (https://mn.gov/mnit/about-mnit/careers/) (MNIT) who connect Minnesotans to services that will improve their lives. This position will be part of the Enterprise Security team, which embeds security protection statewide.

As a Principal Information Security Engineer, you will contribute to the planning, design and implementation of the Enterprise Information Security programs and strategies that provide oversight and direction to clients in State agencies and offices. You will analyze requirements and standards to provide effective security recommendations. This role also functions as a team lead for the governance, risk, and compliance team.

Key responsibilities will include:

  • Analyzing and documenting current gaps and risks in the GRC Program and processes; collaborate to develop mitigation strategies for audits and assessments.

  • Provide guidance and assistance to stakeholders and owners of audit and assessment findings.

  • Provide guidance to GRC team.

  • Review, document and make recommendations to bring organization into compliance with policies, standards, and controls.

  • Perform or oversee audits related to external entities (i.e. IRS, SSA, OLA) to ensure compliance with polices, standards, and controls.

This position requires an employee to be onsite at the work location 1 day per week :

  • Telework (https://mn.gov/mmb-stat/policies/1422-telework.pdf) for Minnesota IT Services allows an employee to perform work from a telework location and an employee may be required to be in the office based on business needs and other dependencies in St Paul, Minnesota.

  • Only candidates located in Minnesota and bordering states (Iowa, North Dakota, South Dakota, or Wisconsin) are telework eligible.

Minimum Qualifications

Candidates must clearly demonstrate all of the following qualifications in their resume. Resume tips here. (https://mn.gov/mnit/about-mnit/careers/hiringprocess.jsp) :

Position requires a minimum of five (5) years of information security engineering experience.

Experience must include:

  • Applying regulatory requirements that have a direct relationship to information security (e.g. NIST, IRS 1075, HIPAA, PCI, ACA, etc.).

  • Working security governance, risk, and compliance disciplines, audits and assessments, and tools. Understanding of organizational risk.

  • Working across diverse business lines to resource and monitor remediation efforts to ensure compliance policies and standards or regulations.

  • Ability to deliver effective verbal or written messages that facilitate a mutual understanding on both parties.

  • Customer service skills that include active listening, empathy, and problem-solving.

A master’s degree in Information Security or a related field substitutes for three years of experience, OR a related bachelor’s degree substitutes for two years, OR a related associate’s substitutes for one year.

Preferred Qualifications

  • CISSP, CISA, CISM, Security+ or other relevant information security certification.

  • Experience working with the FAIR risk framework for assessments

  • Experience with systems security plan development.

  • Team lead experience.

  • Ability to communicate complex security requirements and solutions to both technical and non-technical internal and external customers, information systems professionals within MN.IT, vendors, and other governmental agencies.

  • Experience using risk management tools and techniques for performing assessments and logging findings

Additional Requirements

It is the policy of Minnesota IT Services that a successful candidate must pass all legally required checks prior to employment which may consist of the following:

  • SEMA4 Records Check (applies to current and past state employees only)

  • Criminal History Check

  • Reference Check

  • Social Security and Address Verification

  • Education Verification

  • CJIS Background Check

  • Other legally required checks

Minnesota IT Services does not participate in E-Verify. Minnesota IT Services will not sponsor applicant for work visas, including F-1 STEM OPT extensions. All applicants must be legally authorized to work in the United States.

AN EQUAL OPPORTUNITY EMPLOYER

Minnesota State Colleges and Universities is an Equal Opportunity employer/educator committed to the principles of diversity. We prohibit discrimination against qualified individuals based on their race, sex, color, creed, religion, age, national origin, disability, protected veteran status, marital status, status with regard to public assistance, sexual orientation, gender identity, gender expression, or membership in a local commission as defined by law. As an affirmative action employer, we actively seek and encourage applications from women, minorities, persons with disabilities, and individuals with protected veteran status.

Reasonable accommodations will be made to all qualified applicants with disabilities. If you are an individual with a disability who needs assistance or cannot access the online job application system, please contact the job information line at 651-259-3637 or email careers@state.mn.us . Please indicate what assistance is needed.

DirectEmployers