Working Title: Information Security Engineer - Risk and Compliance
Job Class: Information Technology Specialist 5
Agency: Minnesota IT Services
Job ID : 90114
Location : St. Paul
Telework Eligible : Yes #LI-Hybrid
Full/Part Time : Full-Time
Regular/Temporary : Unlimited
Who May Apply : Open to all qualified job seekers
Date Posted : 11/07/2025
Closing Date : 11/14/2025
Hiring Agency/Seniority Unit : Minnesota IT Services
Division/Unit : Enterprise Security Office
Work Shift/Work Hours : Day Shift
Days of Work : Monday - Friday
Travel Required : No
Salary Range: $39.73 - $67.92 / hourly; $82,956 - $141,816 / annually
Job Class Option : Information Security
Classified Status : Classified
Bargaining Unit/Union : 214 - Professional Employees (MAPE)
FLSA Status : Exempt - Professional
Designated in Connect 700 Program for Applicants with Disabilities (https://mn.gov/mmb/careers/diverse-workforce/people-with-disabilities/connect700/) : Yes
The work you'll do is more than just a job.
At the State of Minnesota, employees play a critical role in developing policies, providing essential services, and working to improve the well-being and quality of life for all Minnesotans. The State of Minnesota is committed to equity and inclusion, and invests in employees by providing benefits, support resources, and training and development opportunities.
Join the 2,800+ professionals of Minnesota IT Services (https://mn.gov/mnit/about-mnit/careers/) (MNIT) who connect Minnesotans to services that will improve their lives. This position will be part of the Enterprise Security team, which embeds security protection statewide.
Join our team as a Principal Information Security Engineer (PISE) and take the lead in protecting the state's most important information and systems. In this key role, you will help shape and strengthen our Information Security Program to keep our data secure from today's threats and ready for future challenges. Your main focus will be on Governance, Risk, and Compliance (GRC)-helping to build a strong, compliant, and proactive security culture throughout the organization.
Key Responsibilities:
Design and Implement security controls that meet state and federal standards.
Coordinate and support audits, both internal and external; help develop corrective action plans and track progress.
Lead security assessments from planning through completion, including defining scope, assigning tasks, monitoring progress, and ensuring timely delivery.
Prepare and maintain security documentation, such as System Security Plans (SSPs), Plans of Action and Milestones (POAMs), and other required documentation.
Monitor and report on compliance with security policies and regulatory requirements.
Acting as a primary liaison with federal agency partners to support compliance efforts, security assessments, and audit engagements.
Collaborate with IT and business teams to integrate security into projects and daily operations; provide subject matter expertise as needed.
Mentor and train team members to build skills, share knowledge, and promote best practices.
Represent the security team in meetings, audits, and planning sessions as an expert in information security governance, risk, and compliance.
Promote a culture of security awareness, encouraging proactive identification and mitigation of risks.
This position requires an employee to be onsite at 540 Cedar Street, Saint Paul, Minnesota at least 50% of the time, with some opportunity to perform work from a telework location. Telework (https://mn.gov/mmb-stat/policies/1422-telework.pdf) for Minnesota IT Services is available on a limited basis. Employees will be required to meet current telework eligibility requirements.
Minimum Qualifications
Candidates must clearly demonstrate all of the following qualifications in their resume. Resume tips here. (https://mn.gov/mnit/about-mnit/careers/hiringprocess.jsp) :
Position requires a minimum of five (5) years of IT related experience in information security engineer or related information security role.
Experience must include:
Experience with security governance, risk assessment, and compliance management-you know how to keep systems and data safe and in line with regulations.
Comfortable working with Unix, Linux, and Windows operating systems, and familiar with the tools used to manage them.
Able to create or review technical documentation and make sure it's clear and accurate.
Using risk management tools, coordinating audits, developing policies, or reporting on security metrics.
A good understanding of security regulations and standards like NIST, IRS 1075, HIPAA, PCI, and MARSE (or similar frameworks).
Ability to deliver effective verbal or written messages that facilitate a mutual understanding on both parties.
Customer service skills that include active listening, empathy, and problem-solving.
A master's degree in Information Technology or an IT related field substitutes for three (3) years of experience, OR an IT related bachelor's degree substitutes for two (2) years, OR an IT related associate's degree substitutes for one (1) year.
Preferred Qualifications
Experience serving in the role of Team Lead, Principal or Architect level position.
GRC experience leading federal regulatory reviews and compliance activities.
Strong Azure experience, specifically within the IAM, architecture, compliance and security areas
Certified Information Systems Security Professional (CISSP) or the ability to certify within one (1) year of hire.
Other technologies or certifications: CISA, CISM, Security+, MS Azure or other relevant information security certification.
Experience implementing security frameworks and systems security plan development.
Additional Requirements
It is the policy of Minnesota IT Services that a successful candidate must pass all legally required checks prior to employment which may consist of the following:
SEMA4 Records Check (applies to current and past state employees only)
Criminal History Check
Reference Check
Social Security and Address Verification
Education Verification
CJIS Background Check
Other legally required checks
Minnesota IT Services does not participate in E-Verify. Minnesota IT Services will not sponsor applicant for work visas, including F-1 STEM OPT extensions. All applicants must be legally authorized to work in the United States.
AN EQUAL OPPORTUNITY EMPLOYER
Minnesota State Colleges and Universities is an Equal Opportunity employer/educator committed to the principles of diversity. We prohibit discrimination against qualified individuals based on their race, sex, color, creed, religion, age, national origin, disability, protected veteran status, marital status, status with regard to public assistance, sexual orientation, gender identity, gender expression, or membership in a local commission as defined by law. As an affirmative action employer, we actively seek and encourage applications from women, minorities, persons with disabilities, and individuals with protected veteran status.
Reasonable accommodations will be made to all qualified applicants with disabilities. If you are an individual with a disability who needs assistance or cannot access the online job application system, please contact the job information line at 651-259-3637 or email careers@state.mn.us . Please indicate what assistance is needed.
