Information Security and Audit Compliance Manager

Job Title: Information Security & Audit Compliance Manager
Job Requisition ID:  37322
Closing Date/Time: 05/14/2024
Salary: anticipated salary $125,000 - $135,000 annually
Work Hours: 8:30am - 5:00pm M-F
Work Location: 100 South Grand Ave E, Springfield, Illinois, 62762
Union Position: No
Work Authorization: The State of Illinois does not provide sponsorship for employment visa status and cannot accept F1 OPT/CPT. To be considered for permanent employment with the State of Illinois, applicants must be legally authorized to work in the United States without the need for employer sponsorship now or at any time in the future.


Are you looking for a rewarding career with an organization that values their staff? The Department of Innovation & Technology (DoIT) is seeking to hire qualified candidates with the opportunity to work in a dynamic, creative thinking, problem solving environment. 

This position serves as the Information Security & Audit Compliance Manager to lead our team supporting the Illinois Department of Human Services (DHS).  

The DoIT Team at DHS is leading a transformation to modernize the way citizens interact with the State of Illinois agency responsible for providing a wide variety of services to Illinois residents.  

The DoIT team at DHS is seeking to hire a candidate with strong technical and people skills to serve as the Information Security & Audit Compliance Section Manager responsible for managing the DHS state-wide information system security process.

The successful candidate will need to be highly analytical, professional, communicate effectively, and possess excellent organizational skills. 

If you possess this knowledge and these skills, abilities, and experience, we invite you to apply for this position to join the DoIT Team!


As a State of Illinois employee, you receive a comprehensive benefits package including:

  • Competitive Group Insurance benefits including health, life, dental and vision plans
  • Flexible work schedules (when available and dependent upon position)
  • 10-25 days of paid vacation time annually (10 days for first year of state employment)
  • 12 days of paid sick time annually, which carry over from year to year
  • 3 paid personal business days per year
  • 13-14 paid holidays per year dependent on election years
  • 12 weeks of paid parental leave
  • Pension plan through the State Employees Retirement System
  • Deferred Compensation Program – voluntary supplemental retirement plan
  • Optional pre-tax programs - Medical Care Assistance Plan (MCAP) & Dependent Care Assistance Plan (DCAP)
  • Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility

For more information regarding State of Illinois Benefits follow this link:


Essential Functions

35% Subject to management approval, serves as the Information Security & Audit Compliance Manager for the Department of Innovation & Technology, supporting the Department of Human Services (DoIT/DHS):

  • Manages the Department of Human Services (DHS) state-wide information system security process.
  • Administers security policies, programs and initiatives aligning them with the business objectives of DoIT/DHS.
  • Confers with the Department of Innovation & Technology (DoIT) to coordinate state-wide security policy implementation in alignment with enterprise security architecture, National Institute of Standards and Technology (NIST), Cyber Security Framework (CSF), Risk Management Framework (RMF) and Control Objectives for Information and Related Technologies (COBIT) Standards.
  • Develops DoIT/DHS Information Security Policies, Business Continuity and Disaster Recovery best practices and processes as defined by the Disaster Recovery Institute International (DRII) standards.
  • Manages processes for responding to Freedom of Information Act (FOIA) and similar requests from DHS management.


25% Serves as full-line supervisor:

  • Assigns and reviews work.
  • Provides guidance and training to assigned staff.
  • Counsels staff regarding work performance.
  • Reassigns staff to meet day-to-day operating needs.
  • Establishes annual goals and objectives.
  • Approves time off.
  • Adjusts first level grievances.
  • Effectively recommends and imposes discipline, up to and including discharge.
  • Prepares and signs performance evaluations.
  • Determines and recommends staffing needs.


15% Oversees internal and external audit and compliance processes related to DoIT/DHS information systems:

  • Independently or through subordinate staff, interfaces with other state and federal agencies regarding audits, data sharing agreements, and other information security-related issues.


10% Independently and through subordinate staff, ensures correct application of processes used to approve or deny user requests for DoIT/DHS-specific information systems access:  

  • Resolves disputes with requesting staff in the event requests are denied or modified through the approval process.


10% Develops, implements and monitors information system security controls for system access across IDHS in accordance with DHS, DoIT, and other state/federal requirements:

  • Keeps abreast of new developments in the Information Technology field by attending training, conferences, and seminars.


5% Performs other duties as assigned or required which are reasonably within the scope of duties enumerated above.

Minimum Qualifications

  1. Requires knowledge, skill, and mental development equivalent to completion of four (4) years college preferably with coursework in computer science, management information systems, information technology or related fields.
  2. Requires four (4) years of progressively responsible administrative experience in Information Technology Audits and Security.
  3. Requires three (3) years of experience supervising a team of IT professionals.

Preferred Qualifications

  1. Four (4) years of professional experience working with the National Institute of Standards and Technology (NIST), Cyber Security Framework (CSF), NIST Risk Management Framework (RMF) and Control Objectives for Information and Related Technologies (COBIT) framework.
  2. Four (4) years of professional experience with Information Security Policies, Business Continuity and Disaster Recovery best practices, processes as defined by the Disaster Recovery Institute International (DRII), and/or similar standards.
  3. Four (4) years of professional experience managing an IT system security program for a public or private organization.
  4. Four (4) years of professional experience developing information system security policies and procedures for a large public or private organization.
  5. Four (4) years of professional experience working with internal and external information technology audits for a public or private organization.
  6. Ability to analyze administrative problems and adopt an effective course of action.
  7. Ability to develop and maintain cooperative working relationships.
  8. Demonstrated verbal and written communication skills.
  9. Certification in one or more of the following: Certified Information Systems Security Professional (CISSP – ISC (2)); Certified Information Security Manager (CISM - ISACA); Certified Information Systems Auditor (CISA – ISACA); Certified Business Continuity Professional (BCP – DRI International); Governance, Risk and Compliance Certification (CGRC – ISC (2)); Certified Risk and Information Systems Control.

Employment Conditions

NOTE: Applicants must possess the ability to meet ALL of the following conditions of employment, with or without reasonable accommodation, to be considered for this position. 

  1. Requires the ability to verify identity.
  2. Requires employment authorization to accept a permanent full-time position with the State of Illinois.
  3. Requires ability to pass a position specific, agency required background check.
  4. Requires ability to work outside of normal business hours to meet deadlines.
  5. Requires ability to use agency-supplied equipment (cell phone, laptop, etc.).
  6. Requires ability to attend seminars, conferences, and trainings to stay current on methods, tools, ideologies, or other industry related topics relevant to the job duties.
  7. Requires ability to lift and carry objects weighing up to 20 pounds. This is considered light work as defined by the U.S. Department of Labor (20 CFR 404.1567(b)). Light work involves lifting no more than 20 pounds at a time with frequent lifting or carrying of objects weighing up to 10 pounds.
  8. Requires the ability to travel in performance of duties.
  9. Requires the ability to serve in an on-call capacity.


The conditions of employment listed are incorporated and/or related to any duties included in the position description.

The Department of Innovation & Technology (DoIT) is the state's IT agency delivering an enterprise approach to statewide technology, innovation and telecommunication services, as well as policy and standards development, lifecycle investment planning, and cybersecurity services. With over 1,500 employees, DoIT delivers IT services and innovative solutions to customer agencies to improve services provided to Illinois residents. DoIT offers employees the opportunity to advance their careers, develop new skills and reach their potential, both personally and professionally. DoIT is committed to promoting and preserving a workplace culture that embraces diversity and inclusion. We welcome and value employees with different backgrounds, life experiences and talents. It is the collective sum of our individual differences that provides a broad perspective, leading to greater innovation and achievement. In recruiting for our team, we recognize the unique contributions of each applicant regardless of culture, ethnicity, race, national origin, sex, gender identity and expression, age, religion, disability, and sexual orientation.


Revolving Door:
Certain provisions of the revolving door restrictions contained in 5 ILCS 430/5-45 apply to this position. As a result, the employee should be aware that if offered non-State employment during State employment or within one year immediately after ending State employment, the employee shall, prior to accepting any such non-State employment offer, notify the Office of the Executive Inspector General for the Agencies of the Illinois Governor (“OEIG”) or may be subject to a fine.


Term Appointment:
Candidates hired into a term position shall be appointed for a term of 4 years and are subject to a probationary period. The term may be renewed for successive four-year terms at the Director of the Department of Innovation and Technology’s discretion.