The Iowa Department of Revenue (IDR) is seeking to hire a Compliance & Information Security Specialist. Under limited supervision of the Internal Services Division Administrator and the Director, this position serves as the Security, Compliance, and Disclosure Officer for the Department and is a member of the IDR Security and Disclosure Unit.
This position also serves as the liaison with the Department of Revenue’s regulatory bodies, such as the Internal Revenue Service (IRS), the Multi-State Lottery Association (MUSL), and other State Departments. It also serves as the primary point of contact between the State Information Security Function and IDR.
Primary Responsibilities:
- Educate business stakeholders on cybersecurity-related matters in an effort to increase awareness and improve the culture of safeguarding the confidential information of Iowans
- Inform business functional area leaders of the security risk implications of critical decisions by combining empirical analysis with expert judgment
- Perform security/compliance assessments to ensure business applications comply with security controls set by IDR, State of Iowa, IRS Publication 1075, and MUSL Rule 2.
- Prepare internal inspection reports to ensure key safeguard areas are addressed
- Collaborate with the State of Iowa Cyber Incident Response Team on leading agency incident response efforts
- Coordinate the testing of IDR’s incident response procedures and update the Incident Response Plan as needed
- Develop an annual security plan for risk assessments, penetration tests, and vulnerability scans. Coordinate the execution of this plan with IT service providers
- Implement, monitor, and document security and process controls
- As a member of the Security and Disclosure Unit:
  - Collaborate in the development and review of all security policies and procedures
  - Collaborate in the development and delivery of security-related training
  - Administer security access controls
  - Collaborate in the development of the Business Continuity and Disaster Recovery Plans
  - Assist in the management of disclosure requests or subpoenas.
Key Competencies
- Problem-solving and troubleshooting skills: ability to respond to security alerts and coordinate the elimination of system vulnerabilities with IT service providers.
- Analytical skills: ability to assess risks to determine improvements for security policies and procedures.
- Communication skills: ability to explain information security needs and potential threats to technical and nontechnical staff.
- Business acumen: ability to develop a full and deep understanding of IDR’s business operations.
Preference will be given to applicants with:
- Formal and informal information security or compliance training.
- Working knowledge of security and privacy controls for information systems, e.g., IRS PUB 1075.
- Three or more years of experience working in risk management, governance, and regulatory compliance related to security with a specific focus on business outcomes and service delivery.
Employer Highlights:
The Iowa Department of Revenue is a well-respected employer. We are focused on providing excellent customer service, while offering a wonderful team atmosphere, work-life balance, free parking, and casual attire. We offer a flexible working environment and opportunities to work from home with the ability to work from anywhere in the State of Iowa as long as it is your primary residence. We have a great total compensation package for all of our full-time employees, including:
- Iowa Public Employees' Retirement System (IPERS)
- Retirement Investors Club (RIC)
- Flexible Working Environment - Work from Home Opportunities
- Health, Dental and Vision Insurance
- Vacation Leave
- Sick Leave
- Paid Holidays (9 days/year)
- Flexible Spending Accounts
- Life Insurance
- Long-Term Disability Insurance
The mission of the Iowa Department of Revenue is to serve Iowans and support the state government by collecting all taxes required by law, but no more. Our strength is driven by the skills, talents, and diversity of our people. We value and promote diversity and inclusion in every aspect of our business and at every level of our organization. If you’re looking for a career with an organization that values its employees and customers, you’ve come to the right place.
Applicants must live within the State of Iowa to qualify for this position and must be able to pass a routine background check, including an L-1 and tax filing check, in order to be hired for this position.
Only applicants who meet the Minimum Qualification Requirements and meet all selective requirements (listed below) will be placed on the eligible list.
Selectives
717 Security Administration:
6 months experience, 12 semester hours, or a combination of both in building and maintaining skillset and knowledge base for security issues that impact information technology systems. Applicants may refer to themselves as Security Administrator. System Administrator is not the same.
Minimum Qualification Requirements
Applicants must meet at least one of the following minimum requirements to qualify for positions in this job classification:
1. Graduation from an accredited four-year college or university with a degree in any field, and experience equal to five years of full-time professional-level work in program administration, program development, program operations, or management.
2. A total of nine years of education and/or full-time experience (as described in number one), where thirty semester hours of accredited college or university course work in any field equals one year of full-time experience.
3. All of the following (a, b, and c):
   a. Three years of full-time professional-level work experience in program administration, program development, program operations, or management; and
   b. A total of four years of education and full-time experience (as described in part a), where thirty semester hours of accredited college or university course work in any field equals one year of full-time experience; and
   c. A total of two years of graduate-level education and full-time experience (as described in part a), where twenty-four semester hours of accredited graduate college or university course work in a public-service-related area (e.g., public or business administration, social work, public health, law, education, engineering) equals one year of full-time experience. Graduation from the Iowa Certified Public Manager Program is also equivalent to one year of full-time experience or education.
4. Current, continuous experience in the state executive branch that includes twelve months of full-time work as an Executive Officer 2 or two years of full-time work as an Executive Officer 1 or comparable specific management-level position.