Information Security Engineer

Join the 2,800 professionals of Minnesota IT Services (MNIT) who connect Minnesotans to services that will improve their lives. This position will be part of the Enterprise Security team, which embeds security protection statewide.

Job Summary

Join our team as a Principal Information Security Engineer (PISE) and take the lead in protecting the state’s most important information and systems. In this key role, you will help shape and strengthen our Information Security Program to keep our data secure from today’s threats and ready for future challenges. Your main focus will be on Governance, Risk, and Compliance (GRC)—helping to build a strong, compliant, and proactive security culture throughout the organization.

Key Responsibilities:

• Mentor and train team members to build skills, share knowledge, and promote best practices.
• Design and Implement security controls that meet state and federal standards.
• Coordinate and support audits, both internal and external; help develop corrective action plans and track progress.
• Lead security assessments from planning through completion, including defining scope, assigning tasks, monitoring progress, and ensuring timely delivery.
• Prepare and maintain security documentation, such as System Security Plans (SSPs), Plans of Action and Milestones (POAMs), and other required documentation.
• Monitor and report on compliance with security policies and regulatory requirements.
• Acting as a primary liaison with federal agency partners to support compliance efforts, security assessments, and audit engagements.
• Collaborate with IT and business teams to integrate security into projects and daily operations; provide subject matter expertise as needed.
• Represent the security team in meetings, audits, and planning sessions as an expert in information security governance, risk, and compliance.
• Promote a culture of security awareness, encouraging proactive identification and mitigation of risks.

This position requires an employee to be onsite at 540 Cedar Street, Saint Paul, Minnesota at least 50% of the time, with some opportunity to perform work from a telework location. Telework for Minnesota IT Services is available on a limited basis. Employees will be required to meet current telework eligibility requirements.

Qualifications

Position requires a minimum of five (5) years of IT related experience in information security engineer or related information security role.

Experience must include:

• Experience serving in the role of Team Lead, Principal or Architect level position.
• GRC experience leading federal regulatory reviews and compliance activities, coordinating audits, developing policies, or reporting on security metrics.
• Experience with security governance, risk assessment, and compliance management.
• Comfortable working with Unix, Linux, and Windows operating systems, and familiar with the tools used to manage them.
• Able to create or review technical documentation and make sure it’s clear and accurate.
• Demonstrated ability to communicate clearly and effectively in a manner that facilitates mutual understanding.
• Customer-focused approach grounded in active listening, empathy, and solution-oriented problem-solving to deliver positive user experiences.

Education in Information Technology (IT) or an IT related field may substitute for experience as follows: a master’s degree for eighteen (18) months of experience; a bachelor’s degree for one (1) year; and an associate’s degree for six (6) months.

Minnesota IT Services does not participate in E-Verify. Minnesota IT Services will not sponsor applicant for work visas, including F-1 STEM OPT extensions. All applicants must be legally authorized to work in the United States.