Chief Compliance Officer (SPSA Opt. 1)

State of Illinois•Springfield, IL

14d

About The Position

Are you ready to take on a role that places you at the center of innovation, governance, and strategic decision-making? The Department of Innovation & Technology (DoIT) is seeking a visionary Chief Compliance Officer to lead its enterprise-wide compliance program. In this influential position, you will:Drive Policy and Strategy: Serve as a key policy-making authority, crafting and implementing a comprehensive compliance framework that safeguards the integrity of statewide technology initiatives.Lead Multi-Agency Collaboration: Partner with leaders across agencies, auditors, and cybersecurity experts to ensure adherence to industry standards and regulatory mandates, including SOC 1, SOC 2, and guidelines from the Office of the Auditor General.Be the Trusted Advisor: Guide agency clients on critical IT compliance matters, shaping projects that impact thousands of users and strengthen the state’s cybersecurity posture.Expand Your Network: Build relationships with top decision-makers, regulatory bodies, and technology innovators—positioning yourself as a thought leader in compliance and risk management.This is more than a job—it’s an opportunity to influence statewide technology policy, protect critical infrastructure, and lead a team committed to excellence. If you have the expertise, vision, and leadership to thrive in this dynamic environment, join the DoIT team and make your mark on the future of technology compliance.

Requirements

Requires a bachelor's degree with courses in business management, public administration, financial accounting, or auditing.
Requires prior experience equivalent to five (5) years of progressively responsible administrative experience in compliance, audit, legal, or regulatory roles within an Information Technology environment.
Requires five (5) years of professional experience supervising or leading a team of professionals in a large public or business organization.
Requires the ability to verify identity.
Requires employment authorization to accept permanent full-time position with the State of Illinois.
Requires the ability to pass a position specific, agency required background check.
Requires self-disclosure of criminal history.
Requires ability to travel.
Requires ability to work outside of normal business hours to meet deadlines.
Requires ability to attend seminars, conferences, and trainings to stay current on methods, tools, ideologies, or other industry related topics relevant to the job duties.
Requires ability to lift and carry objects weighing up to 20 pounds. This is considered light work as defined by the U.S. Department of Labor (20 CFR 404.1567(b)). Light work involves lifting no more than 20 pounds at a time with frequent lifting or carrying of objects weighing up to 10 pounds.
Requires adherence to the revolving door restrictions outlined in 5 ILCS 430/5-45. Consequently, employees should be aware that in the event of receiving a non-State employment offer during state employment or within one year immediately following the termination of State employment, they are required to inform the Office of the Executive Inspector General (OEIG) for the Agencies of the Illinois Governor before accepting such non-State employment. Failure to notify the OEIG may result in the imposition of a fine.
Requires compliance with the provisions outlined in section 4A-101 of the Illinois Governmental Ethics Act, necessitating the occupant of this position to file of a Statement of Economic Interest. Pursuant to the Illinois Governmental Ethics Act (5 ILCS 420/4A et seq.), specific state officials and employees are required to annually submit Statements of Economic Interest to the Office of the Secretary of State, which will be accessible to the public for examination and copying. Employees subject to this requirement must also file a Supplemental Statement of Economic Interest with the Executive Ethics Commission, as specified in Executive Order 15-09. Failure to submit these statements in a timely manner may result in fines and penalties.

Nice To Haves

Five (5) years of professional experience in developing, implementing, and overseeing compliance/audit programs and projects in a large public or private enterprise, including administrative, regulatory, fiscal, IT, and cybersecurity.
Five (5) years of professional experience applying regulatory frameworks such as SOC 1, SOC 2, NIST, ISO/IEC 27001, and COBIT, with demonstrated experience in managing compliance audits and remediations in these areas.
Five (5) years of experience managing and directing compliance teams, including leading cross-functional teams and liaisons in large-scale public or private sector organizations.
Five (5) years of professional experience collaborating with and advising executive leadership to integrate compliance initiatives into strategic business operations.
Five (5) years of professional experience interpreting and applying federal, state, and industry-specific regulations, such as those set by the Office of the Auditor General, to ensure full legal and regulatory compliance.
Five (5) years of professional experience as a strategic advisor, providing high-level compliance guidance to senior leadership and influencing decision-making to align compliance efforts with organizational objectives.
Five (5) years of professional experience performing risk assessments, developing control frameworks, and implementing mitigation strategies for compliance vulnerabilities in complex enterprise environments.
Ability to build and maintain strong interpersonal relationships with internal and external stakeholders, including senior leadership, regulatory bodies, and cross-functional teams, to foster collaboration and ensure alignment on compliance initiatives and strategic goals.
Developed verbal and written communication skills to present technical information with precision and clarity.
Certifications as a Certified Information Systems Auditor (CISA), Certified Compliance and Ethics Professional (CCEP), Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), or Certified Information Security Manager (CISM).

Responsibilities

Subject to management approval of the Department of Innovation & Technology (DoIT) Secretary, serves as the Chief Compliance Officer (CCO) and policy-making official for the DoIT Compliance Program.
Oversees the enterprise-wide compliance liaison team which liaises with agency clients on Agency compliance and audit matters and projects, including IT and cybersecurity, Administrative Regulatory, and Fiscal.
Possesses executive level authority to manage compliance risks and conduct advanced risk assessments/testing.
Serves as official agency spokesperson on behalf of the DoIT Secretary to all internal and external entities including all client agencies, private and federal officials regarding all compliance issues and policies.
Serves as full-line supervisor.
Manages and oversees comprehensive documentation, communication, and reporting for executive review and ensures the accurate and timely maintenance of compliance records, investigations, and resolutions for executive and regulatory review.
Performs other duties as required or assigned which are reasonably within the scope of the duties enumerated above.

Benefits

Competitive Group Insurance benefits including health, life, dental and vision plans
Flexible work schedules (when available and dependent upon position)
10 -25 days of paid vacation time annually (10 days for first year of state employment)
12 days of paid sick time annually which carryover year to year
3 paid personal business days per year
13-14 paid holidays per year dependent on election years
12 weeks of paid parental leave
Pension plan through the State Employees Retirement System
Deferred Compensation Program – voluntary supplemental retirement plan
Optional pre-tax programs -Medical Care Assistance Plan (MCAP) & Dependent Care Assistant Plan (DCAP)
Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility