Information Technology Specialist 5 - Information Security Liaison

Full Job Description

Only applicants who meet the Minimum Qualification Requirements and meet all selective requirements (listed below) will be placed on the eligible list.

The Department of Management (DOM), Division of Information Technology (DoIT) is seeking an Information Technology Specialist 5 – Information Security Liaison to serve as a trusted advisor between our enterprise information security program and client agencies.

In this role, you will help safeguard critical assets and multi-billion-dollar operations by coordinating security initiatives, supporting incident response, and delivering impactful awareness and training programs.

If you have a passion for cybersecurity, risk management, and building strong partnerships, this is your opportunity to make a meaningful impact in a dynamic, fast-paced environment!

What You Will Do

• Act as the primary liaison between the State of Iowa enterprise information security program and client agencies.
• Provide consultative guidance on security best practices, enterprise security architecture, and compliance requirements.
• Assist in planning and integrating enterprise security solutions (e.g., IAM, SIEM, vulnerability management, endpoint protection).
• Translate state-level security policies and frameworks (e.g., CyberGUARD, NIST RMF) into actionable steps for client agencies.
• Coordinate with internal teams and vendors to ensure security solutions meet enterprise standards and client needs.
• Support the Security Operations Center (SOC) in incident response coordination, including communication and documentation.
• Facilitate collaboration between SOC analysts and client IT teams during investigations and remediation.
• Develop and deliver statewide information security awareness programs and customized training for client agencies.
• Track and evaluate training participation and effectiveness; incorporate emerging threats into awareness campaigns.
• Assist client agencies in applying the NIST Risk Management Framework and meeting state security thresholds.
• Collect, analyze, and report security posture metrics to leadership; develop dashboards and summaries for risk trends.
• Participate in governance reviews, audits, and interagency committees to strengthen enterprise security posture.

What We Are Seeking

• Knowledge of information security principles, frameworks, and compliance standards.
• Strong communication skills to collaborate with agencies and stakeholders.
• Ability to deliver security awareness programs and training.
• Experience with incident response and enterprise security solutions.

What We Offer

• Flexible work environment
• Iowa Public Employees' Retirement System (IPERS)
• Health, dental, and vision insurance
• Generous vacation, sick leave, and paid holidays
• Life and disability insurance
• Retirement savings options (RIC)
• Flexible Spending Accounts

Why Work with Us?

At the Iowa Department of Management (DOM), we help government agencies across the state perform at their best by managing financial resources, technology, and information.

Our mission is rooted in service—we provide efficient, innovative, and strategic solutions that empower agencies to fulfill their goals.

We’re guided by four core values:

• Integrity – We act with honesty and accountability.
• Teamwork – We collaborate to achieve shared success.
• Service – We are committed to excellence in public service.
• Partnership – We build strong relationships to drive results.

Working Arrangement

This position requires onsite work in Des Moines, IA each week. Employees meeting all expectations of their work responsibilities may request remote work and develop a hybrid/remote schedule collaboratively with their manager.

Please note, candidates for this position must reside in the state of Iowa at the time of starting the role.

Background Check Requirements

• After a conditional offer of employment has been made, and as the final step in the hiring process, candidates for this position will be subject to a background investigation, which may include but may not be limited to a verification of a candidate’s education, previous employment/work history, contact of personal references, motor vehicle records, and a criminal history check (including through Federal, State, or Local criminal justice agencies).
• Information gathered as part of such background investigation will be treated as confidential to the extent permitted by Iowa Code section 22.7, 8B.4A, and other applicable laws, rules, and regulations; provided that, to the extent permitted by applicable law, such information shall be available to candidates upon request.

E-Verify and Right to Work

The State of Iowa participates in E-Verify, a federal program that helps employers confirm the employment eligibility of all newly hired employees.

Within the required timeframe, new hires will be verified through the E-Verify system to ensure authorization to work in the United States.

The State of Iowa also complies with the Federal Right to Work laws, which protect employees’ rights to work without being required to join a labor organization.

For more information, please visit www.e-verify.gov.

Requirements

990 Cyber Security Planning:
A minimum of 18 months of full-time work experience in cyber security planning at a professional level that included the following major functions: participating in and leading a company-/agency-wide cyber security planning program including the identification of cyber security risks, development of prevention and response plans to minimize cyber-attack damages including mass care and consequences management, and the development of continuation of business operation plans; participating in national cyber security planning initiatives and exercises; responding to and participating in the recovery work from cyber security incidents; and working across governments, private sectors, and non-profit organizations collaboratively on cyber security planning activities and plans for response.

AND

727 Risk Assessment:
6 months experience, 12 semester hours, or a combination of both in analyzing and identifying risks and the corresponding potential impact to information and information technology systems.

Qualifications

Applicants must meet at least one of the following minimum requirements to qualify for positions in this job classification:

**Note: To pass the initial screening, applicants must demonstrate the technical skills listed below:

1) Graduation from an accredited four-year college or university with a degree in any field, and experience equal to three years of full-time work in application development and database management, business analysis, systems and network administration, technical training and reporting, IT vendor and purchasing management, IT project management, IT product management, system testing and quality assurance, mainframe and platform administration, and/or information technology security.

2) Graduation from an accredited four-year college or university with a degree in computer science, computer applications, software engineering, computer engineering, management information systems, business analytics, or cyber security, and experience equal to two years of full-time work in application development and database management, business analysis, systems and network administration, technical training and reporting, IT vendor and purchasing management, IT project management, IT product management, system testing and quality assurance, mainframe and platform administration, and/or information technology security.

3) All of the following (a and b):

a.

Three years of full-time work experience in application development and database management, business analysis, systems and network administration, technical training and reporting, IT vendor and purchasing management, IT project management, IT product management, system testing and quality assurance, mainframe and platform administration, and/or information technology security; and

b. A total of four years of education and/or full-time experience (as described in part a), where thirty semester hours of accredited college or university coursework in any field equals one year of full-time experience.

4) All of the following (a and b):

a.

Five years of full-time work experience in application development and database management, business analysis, systems and network administration, technical training and reporting, IT vendor and purchasing management, IT project management, IT product management, system testing and quality assurance, mainframe and platform administration, and/or information technology security; and

b. Either of the following:

i. Certification from an authorized educational institution/major computer or software producer in one or more of the specialty areas listed in part a; or

ii. Eighteen semester hours from an accredited college or university in one or more of the specialty areas listed in part a.

5) Current, continuous experience in the state executive branch that includes six months of full-ime work as an Information Technology Specialist 4.

For additional information, please click on this link to view the job description.