Information Security Governance Regulatory and Compliance Manager

Our Ideal Candidate is a dynamic leader who thrives in environments with a degree of ambiguity and can effectively adapt to changing circumstances. This candidate should bring extensive experience leading teams focused on security governance and regulatory compliance. They should have a robust understanding and knowledge of information security core concepts and principles, regulatory compliance frameworks, policies, procedures, standards, and guidelines. Familiarity with OCIO 141.10, IRS Publication 1075, SSA IEA/S, NIST SP 800-53 (R5), and FedRAMP is desirable.

This individual will excel in cross-functional collaboration, demonstrating shared accountability and the capacity to manage relationships across various teams and departments. They will be adept at fostering a risk-conscious culture that emphasizes transparency and accountability, making decisions that align with the organization’s core values, and fostering a nurturing working environment for continuous improvement!

This candidate will be responsible for establishing robust policy and governance frameworks, serving as the subject matter expert in Policy and Governance. While not required to be an expert from the outset, they must have a solid understanding of policies and a proven track record of participating in structured environments. A successful candidate will help to ensure the confidentiality, integrity, and availability of agency information systems by partnering closely with technology, security, privacy, and risk management leaders across the organization in the design, development, implementation, and the administration of governance models and frameworks.

Duties

The Information Security Governance Regulatory and Compliance Manager plays a pivotal role in establishing and maintaining the agency’s governance framework to ensure information security strategies are aligned with business objectives and comply with laws and regulations. This position is responsible for managing risk and supporting system and data integrity. This manager will lead a team of analysts, oversee the implementation and enforcement of information security policy and governance, conduct risk assessments, and ensure compliance with state and federal audits. Collaborating closely with the Chief Information Security Officer (CISO) and other key stakeholders, this manager is a crucial figure in safeguarding the agency’s information assets, while also fostering a culture of accountability and transparency. This is an exciting opportunity! Apply today – It begins with YOU!

Some of your duties may include:

  • Leadership and Management: Provide leadership, management, direction, and advocacy for information security governance, regulatory, and compliance.
  • Risk Conscious Culture: Foster a culture that demonstrates accountability and transparency.
  • Security Controls: Serve as the primary point of escalation for issues related to implementation and maintenance of security controls as required by OCIO 141.10, IRS Publication 1075, SSA IEA/S, and NIST SP 800-53 (R5).
  • Policy & Strategy: Collaborate closely with the Chief Information Security Officer (CISO) to ensure balance of efficiency and efficacy in enterprise information security strategy, policies, standards, guidelines, procedures, operational activities and the tactical approach to comply with state and federal information security regulatory compliance.
  • Regulatory Compliance: Provides updates on a regular basis regarding the status of State and federal regulatory compliance (e.g. audit) related issues, findings, mitigations, and reporting requirements. These updates often include recommended actions.
  • Risk Management Structure: Develop, apply and recommend methods, frameworks, and requirements to monitor and measure risk, compliance, and assurance efforts including FISMA, FedRAMP, OCIO 141.10 and OMB Memoranda.
  • Product Ownership: Serves as the product owner and administrator of the agency’s governance and regulatory compliance tracking tools.

To request a detailed position description, click here. 

Qualifications

  • Bachelor’s degree from a four-year accredited college or university with major coursework in Computer Science, Information Technology or a related field

OR

  • 3 years of demonstrated work as an information technology professional

AND

  1. 5 years demonstrated experience leading technology teams in the areas of information security, risk management, or quality assurance.
  2. Experience with process engineering, quality assurance, auditing, risk analysis or information security practices. (Experience may have been gained concurrently with the above).

Preferred/Desired Qualifications:

  1. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other equivalent certifications.
  2. Supervisory, leadership, and facilitation experience.

Additional Requirement of Employment:

  1. Must be able to pass an Unemployment Insurance (UI) Claim & Benefit Information Review.
  2. Position may require frequent and/or occasional travel to field offices within the state, and/or occasional travel for meetings and/or training.

Please submit only the required documents as noted below and ensure all Personal Identifying Information (PII) such as Social Security numbers etc. are edited out of your materials for privacy.

Please submit your Cover Letter and Resume with your Online Application through the “Add Attachments” field. A resume will not substitute for the “work experience” section of the application or vice versa. Applications with blank fields, or supplemental question responses with comments such as “see attachments” may be considered incomplete.

Supplemental Information

Our agency’s mission and values drive every decision that we make, determine how we interact with others, and are at the core of who we are. We value Access, Love, Belonging, Equity, and Stewardship. We understand that a work environment that respects your work/life balance is key; that’s why many of our positions are eligible for flexible work schedules and teleworking opportunities. Through support, value, and trust, our employees are empowered to grow and develop into their best self.

Opportunity for All
We strive to create a working environment that includes and respects cultural, ethnic, racial, religious, sexual orientation, and gender identity diversity. Women, racial and ethnic minorities, people with disabilities, people over 40 years of age, people with religious beliefs, veterans or people with military status, and people of all sexual orientations and gender identities are encouraged to apply.

The Employment Security Department is an equal opportunity employer/program. Auxiliary aids and services are available upon request to individuals with disabilities.
If you are a person needing assistance in the application process, if you need this job announcement in an alternate format, or if you have general questions about this opportunity, please contact [email protected] or the Talent Acquisition Team.

If you are having technical difficulties creating, accessing, or completing your application, please contact [email protected] or (360) 664-1960 or toll free (877) 664-1960, Washington Relay 711.
This recruitment may be used to fill additional agency-wide positions in accordance with Article 4 of the WFSE Collective Bargaining Agreement.

Candidates who are offered a job with ESD must possess work authorization which does not require sponsorship by the employer for a visa now or in the future.
