GRC Compliance Lead

Full Job Description

The mission of the Colorado Department of Revenue (CDOR) is to become a trusted partner to every Coloradan to help them navigate the complexities of government so they can thrive. We are driven by our values of service, teamwork, accountability, integrity, and respect.

The vision of the department is to empower businesses and individuals through quality customer service, innovation, and collaboration.

We celebrate diversity and support an equitable and inclusive culture. We embrace our differences because we believe this brings innovation to our work.

For more exciting information about the Department of Revenue, please enjoy this brief video!

Helpful tips for applying:

Applying for a Job with the State of Colorado.

What Happens After You Apply.

Requirements

The Colorado Department of Revenue (CDOR) Taxation Division is seeking a strategic and detail-oriented professional for the role of Governance, Risk, and Compliance (GRC) Compliance Lead.

This position provides critical assurance services to the Taxation Division, ensuring comprehensive adherence to all applicable laws, regulations, and security policies.

As a designated subject matter expert in federal regulatory compliance, you will provide essential consultation on broad program and policy directions.

Management and peers department-wide will rely on your specialized expertise to navigate complex federal regulations and maintain full legal compliance.

In this role, you will be dedicated to ensuring the continuous security and confidentiality of Federal Tax Information (FTI) through strict adherence to IRS Publication 1075 and other critical regulatory frameworks.

You will serve as a high-level technical consultant to internal business sections, the Governor’s Office of Information Technology (OIT), and external contractors, offering specialized expertise on risk assessments, system upgrades, and policy modifications.

What You'll Do:

• Ensure continuous compliance with all applicable federal and state laws, regulations, and security control requirements, specifically focusing on the safeguarding of Federal Tax Information (FTI).

• Act as a technical consultant to internal business units, the Office of Information Technology (OIT), and external vendors on matters regarding IRS Publication 1075 and NIST SP 800-53 standards.

• Lead the preparation and submission of critical federal reports, including the semi-annual IRS Corrective Action Plan (CAP) and the annual IRS Safeguards Security Report (SSR).

• Manage and track the implementation of all internal and external audit findings, ensuring that business units provide necessary documentation and meet remediation deadlines.

• Design and deliver mandatory training programs, including annual federal data security training, for all personnel and vendors who access sensitive tax information.

• Serve as Colorado’s Disclosure Officer, coordinating and responding to information-sharing requests from the IRS and other tax administration agencies.

• Conduct physical site inspections of Department of Revenue facilities, vendor sites, and associated data centers to verify regulatory and security compliance.

• Proactively analyze and synthesize new or evolving compliance requirements to drive the development of enforceable division-wide policies and procedures.

• Collaborate with GRC staff to identify and implement opportunities for automating compliance activities, aligning them with the Division’s Quality Assurance and Insider Threat Programs.

• Establish a comprehensive annual compliance roadmap to track all mandated activities, regulatory deadlines, and scheduled internal inspections.

Qualifications

Residency Requirement:

This posting is only open to residents of the State of Colorado at the time of submitting your application.

Class Code & Classification Description:

H8D5XX AUDITOR IV

Experience Only:

• Eight (8) years of relevant experience in an occupation related to the work assigned to this position

OR

Education and Experience:

• A combination of related education and/or relevant experience in an occupation related to the work assigned equal to eight (8) years

• Current, valid licensure as a CPA from the Colorado Board of Accountancy or current, valid CIA certificate will substitute for five (5) years of the requirement

Preferred Qualifications:

The ideal candidate will possess the following skills:

• Extensive experience implementing and auditing security controls specifically mandated by IRS Publication 1075 to ensure the confidentiality and safeguarding of federal tax data.

• Deep professional knowledge of NIST SP 800-53 (Rev. 5) standards, Social Security Administration (SSA) compliance requirements, Colorado privacy statutes, and state-level data security policies.

• Proven track record of serving as a lead liaison for internal and external audits, including the management of Corrective Action Plans (CAP) and Safeguards Security Reports (SSR).

• Demonstrated ability to synthesize evolving federal and state laws into enforceable, division-wide policies and standard operating procedures.

• Experience acting as a subject matter expert for technical teams (such as OIT) and business units during system upgrades or the implementation of new technologies.

• Background in planning, designing, and delivering mandatory federal security training to diverse groups, including employees, external agency personnel, and vendors.

• Ability to identify and implement opportunities to streamline compliance activities through automation, ideally aligned with a Quality Assurance and/or Insider Threat Program(s).

• Experience conducting physical site inspections of data centers and government facilities to verify adherence to logical and physical security controls.

• Strong interpersonal skills used to mediate between technical IT execution and legal mandates, ensuring a unified approach to data protection.

• Ability to manage high-stakes regulatory deadlines and prioritize audit remediations based on risk ratings and organizational urgency.

• Experience translating highly technical compliance requirements into understandable, actionable terms for managers and/or business users.

• Experience with GenTax especially from a compliance perspective.

• Experience in tax administration.

• CISA certification or other relevant certification(s).

Conditions of Employment with the CDOR:

Employees are in a position of public trust in the performance of their job duties and must operate in a manner that maintains the highest standards of honesty, integrity, and public confidence.

As a condition of employment with the CDOR, all personnel must file all necessary Colorado Individual Income Tax (CIIT) returns and pay tax obligations, therefore all employees must undergo a pre-employment evaluation of their tax records/accounts to ensure compliance with this policy.

Final candidates must also complete a successful background investigation and reference check prior to appointment. Certain positions based on duties may require scheduled background investigations.

Pursuant to the Universal Driving Standards Policy, any worker who will be expected to drive a State-owned vehicle is responsible for maintaining a safe driving record and a valid driver license prior to driving any State-owned vehicle.

To be compliant with the new fleet vehicle policy, Motor Vehicle Records (MVRs) will be pulled for review for workers who:

• Have an assigned State fleet vehicle

• Are required to operate a vehicle as part of the position

• Utilize a State fleet vehicle as a pool vehicle

Minimum Qualification Screening

A Human Resources Analyst will only review the work experience/job duties sections of the online job application, to determine whether you meet the minimum qualifications for the position for which you are applying.

Only complete applications submitted before the closing date of this announcement will be reviewed.

• Applicants must meet the minimum qualifications to continue in the selection process for this position. Do not use "see resume" or "see attached" statements on your application.

• Cover letters and resumes will not be accepted in lieu of the official State of Colorado online application. Part-time work experience will be prorated.

• Recommended attachments: Resume, Cover letter

• List your employment history starting with the most recent job, including part-time, temporary, and volunteer jobs. If more than one job was held with a given organization, list each job held as a separate period of employment.

• Information must be accurate, including dates of employment. If it is found that information provided is falsified, you will not be considered for a job with the State of Colorado and/or may be removed from a job after hire.

• The eligible list established from this posting may be used to fill additional vacancies.

Email Address:

All correspondence regarding your status in the selection/examination process will be conducted via email.

Please set up your e-mail to accept messages from "state.co.us" and "info@governmentjobs.com" addresses.

It is your responsibility to ensure that your email will accept these notices and/or review your junk mail and spam filtered email.

If you receive notice that you have been eliminated from consideration for this position, you may file an appeal with the State Personnel Board or request a review by the State Personnel Director.

An applicant who has been removed from an employment list or removed from consideration during the selection process may request a review by the State Personnel Director.

As an applicant directly affected by the results of the selection or comparative analysis process, you may file a written appeal with the State Personnel Director.

Review of the completed, signed and submitted appeal will be timely on the basis of written material submitted by you, using the official appeal form signed by you or your representative.

This form must be completed and delivered to the State Personnel Board by email at dpa_state.personnelboard@state.co.us within ten (10) calendar days from your receipt of notice or acknowledgement of the Department’s action.

For further information on the Board Rules, you can refer to 4 Colorado Code of Regulations (CCR) 801-1, State Personnel Board Rules and Personnel Director's Administrative Procedures, Chapter 8, Resolution of Appeals and Disputes, at spb.colorado.gov/board-rules.

Additional Information

Equity, Diversity, and Inclusion Compliance

The State of Colorado strives to create a Colorado for All by building and maintaining workplaces that value and respect all Coloradans through a commitment to equal opportunity and hiring based on merit and fitness.

The State is resolute in non-discriminatory practices in everything we do, including hiring, employment, and advancement opportunities.

The State of Colorado believes that equity, diversity, and inclusion drive our success, and we encourage candidates from all identities, backgrounds, and abilities to apply.

The State of Colorado is an equal opportunity employer committed to building inclusive, innovative work environments with employees who reflect our communities and enthusiastically serve them.

Therefore, in all aspects of the employment process, we provide employment opportunities to all qualified applicants without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity or expression, pregnancy, medical condition related to pregnancy, creed, ancestry, national origin, marital status, genetic information, or military status (with preference given to military veterans), or any other protected status in accordance with applicable law.

The Colorado Department of Revenue is committed to the full inclusion of all qualified individuals.

As part of this commitment, our agency will assist individuals who have a disability with any reasonable accommodation requests related to employment, including completing the application process, interviewing, completing any pre-employment testing, participating in the employee selection process, and/or to perform essential job functions where the requested accommodation does not impose an undue hardship.

If you have a disability and require reasonable accommodation to ensure you have a positive experience applying or interviewing for this position, please direct your inquiries to our ADAAA inbox, dor_ohr@state.co.us.

We are committed to building work environments that are inclusive and reflect our communities and the diverse talents of all people. We strongly encourage candidates from all backgrounds and abilities to apply.

If not applying online, submit application to:

If you are not able to submit an online application, a paper application is available at this link: PDF State Paper Application(Download PDF reader).

Paper applications must be received via email to dor_ohr@state.co.us by the closing date and time of the application period listed on this announcement.

Methods of Appointment:

Appointment to the vacancy or vacancies represented by this announcement is expected to be from the eligible list created. However, at the discretion of the appointing authority, the position(s) may be filled by another method of appointment for a valid articulated business reason.

Step Pay Program:

Per the requirements of the Step Pay Program, any former or current State employee must be paid a rate that is equal to or greater than the appropriate step pay rate within their classification's pay range based on completed years in their current class series.