Share this Job

Current Employee? Click here to apply.

Information Security Manager

Date Posted:  Nov 1, 2019
Requisition ID:  26932
Location: 

Indianapolis, IN, US, 46202

Work for Indiana

Grow your career with the State of Indiana! With more than 50 executive branch agencies, the State of Indiana is a diverse workforce offering employees stimulating and challenging projects across a broad scope of career opportunities. As a State of Indiana employee, you impact the well-being of Indiana’s communities every day.

 

About the Indiana Department of Revenue

The Indiana Department of Revenue is responsible for providing service to Indiana citizens regarding state tax matters.  Additionally, the department administers state tax laws, develops regulations and makes decisions about tax policy.  Join our team that has been named as an IndyStar 2019 top places to work.

 

Salary

Salary for this position is commensurate with education and experience.​​​​​​​

About the Job

As an Information Security Manager you define and implement policies and procedures to secure DOR information, applications, systems, and components against unauthorized access, changes, and destruction.  You will also act as a Security advisor to the multi-year, multi-million dollar DOR modernization project where you will analyze and monitor the security of all DOR data, identify areas of risk and to provide recommendations of enhancements.  You will need to provide guidance on the set up of secure IT infrastructure which will include appropriate security safeguards to be included during development of new IT systems and legacy systems.  You will also be tasked with supporting DOR incident response scenarios by analyzing security events to determine outcomes, impacts, and root causes leading to taking action to halt the continuation of damage and preventing the repeat of similar events.

A Day in the Life
  • Manages the DOR user access program that develops, implements, and operates new and existing tools and processes by which application, system, database, and server access requests are evaluated and fulfilled.
  • Facilitates periodic reviews which can include server reviews to ensure compliance with IRS Publication (Pub) 1075. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and DISA Security Technical Implementation Guide (STIGS) requirements and checks, assuring users have minimum necessary access to perform their assigned duties
  • Manages DOR firewall program that facilitates fulfillment of requests to establish secure connections between DOR and other state agency servers on the IOT - managed network.
  • Oversees and administers the program to secure DOR servers and workstations by implementing technical safeguards from IRS, NIST, and Defense Information Systems Agency (DISA)
  • Leads project to apply CAT 1, 2, and 3 STIGS on 200+ DOR Windows 2008, 2012, and 2016 servers.
  • Plans, develops, and manages Group Policy Objects (GPO) to ensure proper STIG application. 
  • Designs, implements, and manages the Active Directory (AD) and Organizational Unit (OU) structure to apply GPOs for DOR applications.
  • Spearheads the effort to secure Windows servers across the agency, removing direct shares, implementing elevated accounts and tightening controls.
  • Creates and maintains Plans of Action and Milestones to track non-compliant STIG checks.
  • Defines user and service roles, and access management processes
  • Interfaces with user community to understand their user security needs and implements policies and procedures to accommodate them.
  • Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data.
  • Develops and implements procedures for use of information security management software.
  • Develops procedures for detecting, reporting, and investigating security breaches in the area of user management or others.
  • May assist with periodic audits to assure security policies and standards are being followed, and develops recommendations for enhancements and generates reports where necessary.
  • Keeps abreast of new laws and changes affecting privacy standards, physical security and logical, remote terminal and network security.
  • Mentors and provides guidance to new or lower level staff.
What We're Looking For
  • Bachelor degree from an accredited college or university in computer science, cyber security or related field 
  • 5 years of IT Security experience
  • CISSP or Security+ may substitute for a non-computer science, cyber security degree
What You'll Need For Success
  • Thorough knowledge of IRS, NIST, DISA, information security policies, standards, practices, and management tools.
  • Upon arrival you will develop thorough knowledge of:
    • DOR and Indiana Office of Technology information security policies, standards, practices, and management tools
    • Federal and state legislation and regulatory laws pertaining to information system se3curity and privacy
    • DOR applications, systems, databases, components, and user accesses to them
  • Security certifications that include CISSP and CompTIA Security+ are preferred but not mandatory
  • Advanced technical understanding of computer programs and languages, operating systems, mainframes, PCs, LANs, and dial-in access control techniques
  • Familiarity with domain structures, user authentication, and digital signatures
  • Theoretical understanding of, and hands on experience with firewall configuration
  • Ability to develop and implement information security standards
  • Ability to understand and apply complex computer logic to solve problems
  • Ability to work effectively with a wide range of business staff and information technologists including systems administrators, technical support, applications development, end users, and management
  • Ability to communicate effectively, both orally and in writing
Supervisory Responsibilities/Direct Reports:
This role provides direct supervision for one or more staff members.

 

Benefits of Employment with the State of Indiana

The State of Indiana offers a comprehensive benefit package for full-time employees which includes:

  • Four (4) medical plan options (including RX coverage) and vision/dental coverages
  • Wellness program (offers eligibility into a discounted medical plan)
  • Health savings account (includes bi-weekly state contribution)
  • Deferred compensation account (similar to 401k plan) with employer match
  • Two (2) fully-funded pension plan options
  • Group life insurance
  • Employee assistance program that allows for covered behavioral health visits
  • Paid vacation, personal and sick time off
  • Competitive leave policies covering a variety of employee needs
  • 12 company paid holidays, 14 on election years
  • Qualified employer for the Public Service Loan Forgiveness Program
  • New Parent Leave
  • Free Downtown Parking

 

Equal Employment Opportunity

The State of Indiana is an Equal Opportunity Employer

Current Employee? Click here to apply.


Nearest Major Market: Indianapolis