If you are a current State of Maine employee, please submit your application through the internal application process using the Find Jobs report in PRISM. Seasonal employees who do not have PRISM access should apply through the State’s career page and indicate on the application that they have previously worked for the State.

.

Office of Information Technology

- Anticipated Vacancy -

Opening Date: March 24, 2026

Closing Date: April 07, 2026

Grade/Admin Unit: 31 Confidential

Job Class Code: MH31
Salary: $82,184.95 - $116,390.56*/Annually (*includes 10% recruitment and retention stipend)
Position Number: 004250759

Location: Augusta

Telework: Available

This position is not eligible for visa sponsorship or STEM OPT extensions.

OVERVIEW:

Strengthen the control environment that protects the State of Maine. The Senior IT Control and Compliance Manager leads the regulatory compliance and information security control environment for the State of Maine. Reporting to the Senior Security Governance, Risk, and Compliance (GRC) Manager, this role directs the IT Compliance and Audit team and serves as a key contributor to the design, implementation, and continuous improvement of a comprehensive security control framework aligned with National Institute of Standards and Technology standards and applicable federal and state regulations. This position blends cybersecurity, audit, governance, and process improvement expertise to ensure that State systems and data remain secure, compliant, and audit ready.

Hybrid Work Opportunity – This position has the potential to work from home up to 90% of the time with management approval.

WHAT YOU'LL DO:

No two days look the same in Information Security Office. Core responsibilities include:

Lead and Govern the Control Framework

• Define, implement, and maintain a comprehensive IT security control framework, including information technology general controls, technical security controls, policies, and procedures.
• Align controls with National Institute of Standards and Technology frameworks and other applicable regulatory requirements.
• Mature and optimize control documentation, testing processes, and evidence management practices.
• Utilize RSA Archer as the centralized governance, risk, and compliance platform to document controls, risks, exceptions, and remediation activities.
  

Oversee Compliance and Regulatory Readiness

• Serve as subject matter expert on federal and state regulatory requirements including Internal Revenue Service, Centers for Medicare and Medicaid Services, Social Security Administration, Department of Health and Human Services Office for Civil Rights, Federal Bureau of Investigation Criminal Justice Information Services, and other applicable authorities.
• Develop and maintain system security plans and required compliance documentation.
• Coordinate and facilitate internal and external audits.
• Provide audit support and ensure timely remediation of findings.
  

Manage Risk and Exceptions

• Centrally document, track, and report risks, control gaps, and remediation plans using RSA Archer.
• Work directly with control and process owners to remediate deficiencies in a scalable and risk-balanced manner.
• Inventory and assess current-state processes, policies, and controls to identify improvement opportunities.
• Provide periodic reporting to executive leadership and stakeholders on compliance posture and risk trends.
  

Partner Across State Agencies

• Collaborate with agencies to strengthen protection of sensitive data including Federal Tax Information, Affordable Care Act data, Social Security information, Criminal Justice Information, Payment Card Industry data, Health Information, and Personally Identifiable Information.
• Translate complex control requirements into clear, actionable guidance for technologists and business stakeholders.
• Promote consistent implementation of security standards across diverse agency environments.
  

Lead and Develop the Team

• Supervise compliance and audit personnel.
• Establish clear performance expectations and professional development pathways.
• Build a culture of accountability, transparency, and continuous improvement within the compliance function.
  

WHY THIS ROLE STANDS OUT:

• Enterprise Impact- Shape the security control framework protecting critical statewide systems and regulated data.
• Regulatory Leadership- Serve as the central authority for multi-framework compliance in a complex public-sector environment.
• Strategic Visibility- Provide executive-level reporting and influence enterprise risk decisions.
• Modern GRC Platform- Leverage RSA Archer to mature risk and compliance management practices.
• Mission-Driven Work- Protect data and services relied upon by Maine residents.
  

WHY YOU'LL LOVE WORKING IN INFORMATION SECURITY OFFICE:

• Generous telework flexibility
• Meaningful work supporting public service
• Collaborative and professional leadership culture
• Investment in training and certification development
• Emphasis on innovation and process maturity
• Strong work-life balance
  

MINIMUM QUALIFICATIONS:

• Bachelor’s degree in information technology, cybersecurity, audit, accounting, or related field, and
• A minimum of 5 years of professional experience in information technology audit, internal audit, cybersecurity compliance, or related security roles, including supervisory or team leadership experience.
  

Preference will be given to candidates with:

• Demonstrated leadership experience overseeing compliance, audit, or control validation teams
• Direct experience managing or coordinating federal regulatory audits within a complex, multi-agency environment
• Hands-on experience configuring, administering, or optimizing RSA Archer or similar governance, risk, and compliance platforms
• Professional certifications such as Certified Information Systems Auditor, Certified Information Systems Security Professional, Certified in Risk and Information Systems Control, Certified Information Security Manager, or comparable credentials

PREFERRED COMPETENCIES:

• Enterprise Risk Perspective- Ability to evaluate control effectiveness within broader organizational risk strategy and enterprise priorities.
• Operational Integration- Skill in embedding compliance requirements into daily operational processes rather than treating compliance as a standalone activity.
• Executive Reporting and Transparency- Capability to produce clear, decision-ready reporting for senior leadership and oversight bodies.
• Process Modernization- Experience improving audit workflows, evidence management, and control testing efficiency.
• Influence and Stakeholder Engagement- Ability to build consensus among technical teams, agency leadership, auditors, and legal stakeholders.
• Strategic Discipline- Strong prioritization and resource alignment skills in a regulated, resource-constrained environment.

CONTACT INFORMATION: For more information or questions specific to the position, please contact recruiting.ggsc@maine.gov

The selected candidate will be required to pass the required background checks (fingerprinting may be required) as a condition of employment.

Benefits of working for the State of Maine:

No matter where you work across Maine state government, you find employees who embody our state motto—"Dirigo" or "I lead"—as they provide essential services to Mainers every day. We believe in supporting our workforce's health and wellbeing with a valuable total compensation package, including:

• Work-Life Balance – Rest is essential. Take time for yourself using 13 paid holidays, 12 days of sick leave, and 3+ weeks of vacation leave annually. Vacation leave accrual increases with years of service, and overtime-exempt employees receive personal leave.

• Health Insurance Coverage – The State of Maine pays 85%-100% of employee-only premiums ($11,857.68-$13,950.24 annual value), depending on salary. Use this chart to find the premium costs for you and your family, including the percentage of dependent coverage paid by the State.

• Health Insurance Premium Credit – Participation decreases employee-only premiums by 5%. Visit the Office of Employee Health and Wellness for more information about program requirements.

• Dental Insurance – The State of Maine pays 100% of employee-only dental premiums ($365.28 annual value).

• Retirement Plan – The State of Maine contributes 18.91% of pay to the Maine Public Employees Retirement System (MainePERS), on behalf of the employee.

• Gym Membership Reimbursement – Improve overall health with regular exercise and receive up to $40 per month to offset this expense.

• Health and Dependent Care Flexible Spending Accounts – Set aside money pre-tax to help pay for out-of-pocket health care expenses and/or daycare expenses.

• Public Service Student Loan Forgiveness – The State of Maine is a qualified employer for this federal program. For more information, visit the Federal Student Aid office.

• Living Resources Program – Navigate challenging work and life situations with our employee assistance program.

• Parental leave is one of the most important benefits for any working parent. All employees who are welcoming a child—including fathers and adoptive parents—receive forty-two (42) consecutive calendar days of fully paid parental leave. Additional, unpaid leave may also be available, under the Family and Medical Leave Act.

• Voluntary Deferred Compensation – Save additional pre-tax funds for retirement in a MaineSaves 457(b) account through payroll deductions.

State employees are eligible for an extensive and highly competitive benefits package, covering many aspects of wellness. Learn about additional wellness benefits for State employees from the Office of Employee Health and Wellness.

Note: Benefits may vary somewhat according to specific collective bargaining agreements and are prorated for anything less than full-time.

There's a job and then there's purposeful, transformative work. Our aim is to create a workplace where you can learn, grow, and continuously refine your skills. Applicants demonstrate job requirements in differing ways, and we appreciate that many skills and backgrounds can make people successful in this role.

As an Equal Opportunity employer, Maine State Government embraces a culture of respect and awareness. We are committed to creating a strong sense of belonging for all team members, and our process ensures an inclusive environment to applicants of all backgrounds including diverse race, color, sex, sexual orientation or gender identity, physical or mental disability, religion, age, ancestry, national origin, familial status or genetics.

If you’re looking for a great next step, and want to feel good about what you do, we’d love to hear from you. Please note reasonable accommodations are provided to qualified individuals with disabilities upon request.

Thinking about applying?

Research shows that people from historically excluded communities tend to apply to jobs only when they check every box in the posting. If you’re currently reading this and hesitating to apply for that reason, we encourage you to go for it! Let us know how your experience and passion set you apart.

If you require a paper application, please download and print one HERE

.

If you are unable to complete the online application, please contact the Human Resources representative listed on the job opening you are interested in applying for. They will work with you for an alternative method of submitting.