IT Info Security Engineer III - ITS Posting Begin Date: 2025/02/03 Posting End Date: 2025/02/18 Category: IT And Computers Work Type: Full Time Location: Boise, ID, United States Minimum Salary: 37.68 Maximum Salary: 40.20 Pay Rate Type: Hourly Description Information Technology Services - ITSState of Idaho Opportunity SUMMARY: Information Technology Services is a team of dedicated professionals providing core technology and cybersecurity services to agencies statewide, enabling state employees to serve Idaho's citizens. We sincerely hope you will consider being part of our success. Information Technology Services (ITS), currently has an opening for an IT Information Security Engineer Level III position in our Chinden office in Boise . This position is instrumental in shaping, executing, and refining our GRC framework to assure compliance, operational integrity, risk containment, and the strengthening of our overall security status. This position will provide technical, operational, and project leadership as the subject matter expert over the Governance, Risk and Compliance function. The incumbent will bridge gaps with stakeholders to bolster our cybersecurity stance, syncing GRC undertakings with agency aims, and orchestrating cybersecurity risks with adeptness. The ideal candidate should possess one to two years of cyber GRC and risk analytics experience within IT, understand cybersecurity frameworks, GRC platforms, security standards, privacy concepts and risk management assessments, and be able to communicate IT risk concepts to non-technical people. They should also be adept at documenting risk and compliance activities clearly and concisely and be able to work independently, managing time and tasks efficiently with minimal oversight. Please note: The successful candidates will be required to pass multiple, comprehensive fingerprint-based background checks specific to the agencies ITS supports. Example of duties: + Perform risk assessments to identify vulnerabilities, non-compliance risks, and remediation opportunities. + Bolster and enrich our security controls framework to assure robust risk management practices are consistently observed and advanced. + Perform risk assessment initiatives, identifying, analyzing and mitigating risk that could impact the State of Idaho, while advocating a culture of proactive risk management. + Assist with the enhancement and efficient use of Governance, Risk & Compliance (GRC) tools standardizing our risk management capabilities. + Innovate and implement strategies to refine objective, data-driven risk models, elevating our approach to risk assessment and management. + Craft detailed reports and presentations, contributing to the continuous advancement of the IT Security Risk Registry, and accurately document risk and compliance activities for transparent governance. Minimum Qualifications: + Considerable knowledge of computer networking concepts and protocols, and network security methodologies. Typically gained by at least four years of professional work experience (within the last five years) performing network security OR two years of professional work experience (within the last five years) and successful completion of college/vocational courses covering network security practices. + Considerable knowledge of internal tactics to anticipate and mitigate cyber security threat capabilities and actions. Typically gained by at least three years of professional work experience researching potential cyber security threats and reviewing, interpreting, and prioritizing information systems remediation OR successful completion of college courses in cyber security threat identification and mitigation and one year of practical work experience . + Considerable knowledge of risk management processes (e.g., methods for assessing, documenting, and mitigating risk). Typically gained by at least three years of IT experience examining, auditing, managing, implementing IT risk assessments, IT audit programs, and IT security programs . + Good knowledge of cyber intelligence/information collection capabilities and conducting cyber incident investigations; assessing cyber security regulatory compliance and policy & procedure writing. Typically gained by at least three years of work experience as an advanced IT professional which includes practical experience conducting cyber incident investigations . + Good knowledge of supervisory practices. Typically gained by at least one year of professional work experience performing as a supervisor which required work assignment, direction and monitoring staff with responsibility (or significant input) into the hiring of employees, preparing performance evaluations, and handling problem-solving procedures OR successful completion of at least 8 hours of courses or seminars specifically covering supervisory practices PLUS at least 6 months experience performing as a full supervisor OR successful completion of 6 college credit hours of courses or seminars covering the essential elements of management (planning, organizing, leading, and controlling . Applications will be accepted through 4:59 PM MST on the posting end date. Benefits: The State of Idaho offers a robust total compensation package, including medical, vision, and dental insurance; PERSI retirement benefits; paid sick, vacation, and parental leave; and 11 paid holidays per year. For additional information related to benefits and/or State programs, please visit https://dhr.idaho.gov/StateEmployees/Benefits.html. EEO/ADA/Veteran: The State of Idaho is committed to providing equal employment opportunities and prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, political affiliation or belief, sex, national origin, genetics, or any other status protected under applicable federal, state, or local laws. The State of Idaho is committed to access and reasonable accommodations for individuals with disabilities, auxiliary aids and services are available upon request. If you require an accommodation at any step in our recruitment process, you are encouraged to contact (208) 334-2263 (TTY/TTD: 711), or email[email protected]. Preference may be given to veterans who qualify under state and federal laws and regulations.