Senior Cyber Security Engineer

Title: Senior Cyber Security Engineer (Remote From Anywhere In Co)

Salary $109,000.00 - $124,000.00 Annually

Location Statewide, CO

Job Type Full Time

Job Number EGB92398

Department Governor's Office of Information Technology

FLSA Determined by Position

Primary Physical Work Address (Remote from anywhere in CO)

FLSA Status Exempt; position is not eligible for overtime compensation.

Type of Announcement

This announcement is not governed by the selection processes of the classified personnel system. Applications will be considered from residents and non-residents of Colorado.

Job Description:

Together, we innovate for a stronger Colorado

The work of employees at the Governor's Office of Information Technology (OIT) is challenging and diverse because the needs of agencies, customers and Coloradans constantly evolve. But our focus never changes: improve the lives of all Coloradans through innovation and collaboration. We're building one of the nation's leading government IT organizations by reimagining how we support agencies, building first-of-their-kind applications, and creating an inclusive, collaborative culture, together. Join us in the important work of providing equitable access to services.

Watch this video to learn about how OIT is thinking differently!  

IMPORTANT NOTE: Please review your application to ensure completion. For the most equitable applicant experience, OIT's hiring team considers only the contents of your application to review your qualifications. Please do not include any attachments (such as resume or cover letter) with your application as these items are not used by OIT's hiring team.  

Do you have demonstrated expertise in core security principles, such as robust access controls, cryptographic methods, and secure system architecture, with the ability to interpret and implement these effectively? Are you able to translate complex security requirements into practical technical guidance to securely implement controls within diverse technical environments? 

As OIT's Senior Cyber Security Engineer, you will be a subject matter expert who develops and implements security strategies, ensuring alignment with project goals and operational continuity. In this role, you will collaborate with technical system administrators and engineers, business continuity specialists, compliance analysts, and others to identify improvements and integrate new technologies. One of your key functions will be as a technical liaison between diverse stakeholder groups in complex technical environments. In this role, you will validate security control implementations, provide technical advisory support, and suggest and evaluate security tooling. You will also play a critical part in strengthening the agency's compliance by translating security controls into practical technical guidance.

Key Job Responsibilities: 

• Collaborating with compliance analysts and technical SMEs to validate system-level control implementations to support audit remediation and planning

• Developing processes and evaluating tooling to improve audit workflow automation and evidence management

• Interpreting security policies, standards, and frameworks (e.g., NIST 800-53, CJIS, IRS Publication 1075), mapping requirements to technical implementations, and validating adherence.

• Providing guidance on secure project implementation practices and helping define minimum security and compliance baselines for new systems and services.

• Developing and collaborating on readiness assessments and audit simulations by evaluating technical control implementations.

• Identifying opportunities for improvement by leveraging current systems' strengths and investigating new technologies and methodologies.

A wide salary range is posted for this position and any job offer is based upon a salary analysis to comply with the Colorado Equal Pay for Equal Work Act. The salary analysis considers relevant experience, education, certifications, and state seniority as compared to others doing substantially similar work. While all offers are compliant with the Colorado Equal Pay for Equal Work Act, there is no guarantee an offer will be at the top of the posted range based on the salary analysis. 

This is a skills-based job announcement. The required minimum qualifications and/or education (if substituting for the proven experience, knowledge, and skills), are as follows: 

Minimum Qualifications:

• At Least five (5) years of experience in a security engineering, secure code reviews, systems administration, or compliance advisory role in a variety of technical environments, including on-premise, cloud, and hybrid.

• Experience supporting audit or compliance programs  (e.g., NIST 800-53 CJIS, IRS, HIPAA, SOC 2, or similar).

Substitutions:

• Additional appropriate education will substitute for the required experience on a year-for-year basis, but cannot completely substitute for these qualifications. 

• Training or Certification related to the work assigned to the position will be assigned credit towards substitution for experience and/or education, but cannot completely substitute for these qualifications. 

• If the minimum qualifications include a degree requirement, additional appropriate paid or unpaid experience will substitute for the required education on a year-for-year basis.

Preferred Qualifications:

• Professional security certification.

• Exposure to Governance Risk and Compliance (GRC) tooling, such as ServiceNow GRC, Archer, or similar platforms.

Conditions of Employment:

OIT employees must comply with any screening procedures in place at state entity locations where they might be required to perform work.

A pre-employment background check will be conducted as part of the selection process. 

Positions supporting some agencies such as the Department of Corrections and the Department of Public Safety will also require a pre-employment drug test. 

This position may require travel within the specified geographic area, and to locations across the state as needed. 

If this posting indicates "remote from anywhere in CO" in the title, periodic reporting to the primary state work location designated for the position is required. All remote work must be performed in Colorado. 

While candidates from out of state will be considered for this role, the candidate selected for the position must relocate and reside in Colorado on the first day of their new position.  A reasonable timeframe for relocation will be established on an individual basis, while considering business needs, and determining a start date.

We know it's important to support each other, and that means having a healthy balance of work and personal time. Visit our benefits to learn more about some of our great offerings that allow us all to have fulfilling lives. 

Visit our How to Apply webpage to learn more about our application process and what to expect after you apply.

The State of Colorado strives to create a Colorado for All by building and maintaining workplaces that value and respect all Coloradans through a commitment to equal opportunity and hiring based on merit and fitness.  The State is resolute in non-discriminatory practices in everything we do, including hiring, employment, and advancement opportunities.

The Governor's Office of Information Technology is committed to the full inclusion of all qualified individuals. As part of this commitment, our agency will assist individuals who have a disability with any reasonable accommodation requests related to employment, including completing the application process, interviewing, completing any pre-employment testing, participating in the employee selection process, and/or to perform essential job functions where the requested accommodation does not impose an undue hardship. If you have a disability and require reasonable accommodation to ensure you have a positive experience applying or interviewing for this position, please direct your inquiries to our ADA Coordinator or call.

This posting may be used to fill multiple vacancies based upon business need. 

The Governor's Office of Information Technology does NOT offer sponsored Visas for employment purposes.