OFFICE OF INFORMATION TECHNOLOGY - MAINE IT
SENIOR CYBERSECURITY GOVERNANCE, RISK AND COMPLIANCE (GRC) MANAGER
Hybrid Work Opportunity – This position has the potential to work from home as much as 90% of the time with management approval.
Lead the strategy that safeguards Maine’s most sensitive information.
As the Senior Cybersecurity GRC Manager, you'll oversee MaineIT’s Governance, Risk, and Compliance (GRC) program—ensuring that the State of Maine’s cybersecurity efforts align with compliance requirements, organizational goals, and risk tolerance. This is a unique opportunity to build and grow a foundational program that promotes a culture of security and compliance across the entire enterprise.
You’ll lead a team of State employees and contracted professionals to develop policies, manage risks, ensure regulatory compliance, and promote enterprise-wide training and awareness. Reporting directly to the Chief Information Security Officer (CISO), this role is vital to shaping the long-term security posture of the State of Maine.
-------------------------------------------------------------------------------------------------------------------------------------------
What You’ll Do
No two days look quite the same in MaineIT’s Information Security Office. In general, you can expect to:
- Lead & Manage: Guide a cross-functional team delivering key security governance, risk, and compliance services.
- Drive Policy & Compliance: Maintain frameworks, policies, and controls that align with legal and industry regulations and standards.
- Oversee Risk Management: Conduct and manage technical risk assessments to inform strategic decision-making.
- Enable Resilience: Develop and test business continuity and incident response plans to keep services running during disruptions.
- Promote Awareness: Champion security education and a risk-aware culture throughout State agencies.
- Collaborate Broadly: Work with all departments in state government to align security efforts with business needs.
-------------------------------------------------------------------------------------------------------------------------------------------
Why This Role Stands Out
As a cybersecurity professional you have a lot of options when it comes to your career. We get it. Here’s what sets our role apart:
- Strategic Impact: Influence how cybersecurity is governed at the highest levels of State of Maine IT.
- Enterprise Reach: Collaborate with every department across Maine state government.
- Professional Growth: Work on meaningful, complex projects that challenge and expand your expertise.
- Public Service Mission: Help secure services that directly impact the lives of Maine’s citizens.
- Supportive Culture: Learn on the job, grow your skill set, and work with talented, mission-driven peers.
-------------------------------------------------------------------------------------------------------------------------------------------
Why You’ll Love Working at MaineIT
If you are seeking a culture that supports growth, fosters success, and want to play a key role in maintaining the confidentiality, integrity, and availability of State of Maine data and systems, then MaineIT is where you need to be! With the MaineIT, Information Security Office can expect:
- One of the most generous hybrid work opportunities within Maine state government.
- A collaborative, fast-paced environment that values innovation.
- Opportunities to make a real impact and drive meaningful change.
- Support for career development, on the job learning, and advancement.
- Competitive compensation, comprehensive benefits, and generous time off.
MINIMUM QUALIFICATIONS:
- Bachelor’s degree in computer science, information technology, cybersecurity, or a related field, and
- A minimum of 5 years of experience in cybersecurity or information security roles, with at least at least 3 of those years in a managerial or leadership role overseeing security architecture and strategy.
- Candidates must have advanced experience, education and/or seasoning in information security governance, risk management, and regulatory compliance.
- Demonstrated understanding of the National Institute of Standards and Technology Special Publication (SP) 800 series guidelines, recommendations, technical specifications, and reports of cybersecurity best practices is a must.
Special preference will be given to candidates with appropriate certifications (e.g., CISSP, CISM, or similar).
The selected candidate will be required to pass the required background checks(fingerprinting may be required) as a condition of employment.
This position is not eligible for visa sponsorship or STEM OPT extensions.
Preferred Competencies:
- Capable: Strong in GRC strategy, compliance, and risk management.
- Receptive: Builds trusted partnerships across diverse agencies.
- Adept: Confident leading programs and becoming the go-to expert.
- Versatile: Balances security priorities with real-world business needs.
You don’t need to meet every qualification—growth and learning are part of the journey.
MAINE OFFICE OF INFORMATION TECHNOLOGY (MAINEIT)
Opening Date: June 23, 2025
Closing Date: July 10, 2025
Job Class Code: MH32
Grade: 32
Salary: $85,685.60 - $121,080.96/Annually (includes 10% recruitment & retention stipend)
Position Number: 004250772
Benefits of working for the State of Maine:
No matter where you work across Maine state government, you find employees who embody our state motto—"Dirigo" or "I lead"—as they provide essential services to Mainers every day. We believe in supporting our workforce's health and wellbeing with a valuable total compensation package, including:
- Work-Life Fit – Rest is essential. Take time for yourself using 13 paid holidays, 12 days of sick leave, and 3+ weeks of vacation leave annually. Vacation leave accrual increases with years of service, and overtime-exempt employees receive personal leave.
- Health Insurance Coverage – The State of Maine pays 85%-95% of employee-only premiums ($11,196.96 - $12,514.32 annual value), depending on salary. Use this chart to find the premium costs for you and your family, including the percentage of dependent coverage paid by the State.
- Dental Insurance – The State of Maine pays 100% of employee-only dental premiums ($387.92 annual value).
- Retirement Plan – The State contributes the equivalent of 18.09% of the employee's pay towards the Maine Public Employees Retirement System (MainePERS).
State employees are eligible for an extensive and highly competitive benefits package, covering many aspects of wellness. Learn about additional wellness benefits for State employees from the Office of Employee Health and Wellness.
Note: Benefits may vary somewhat according to specific collective bargaining agreements and are prorated for anything less than full-time.
There's a job and then there's purposeful, transformative work. Our aim is to create a workplace where you can learn, grow, and continuously refine your skills. Applicants demonstrate job requirements in differing ways, and we appreciate that many skills and backgrounds can make people successful in this role.
As an Equal Opportunity employer, Maine State Government embraces a culture of respect and awareness. We are committed to creating a strong sense of belonging for all team members, and our process ensures an inclusive environment to applicants of all backgrounds including diverse race, color, sex, sexual orientation or gender identity, physical or mental disability, religion, age, ancestry, national origin, familial status or genetics.
If you’re looking for a great next step, and want to feel good about what you do, we’d love to hear from you. Please note reasonable accommodations are provided to qualified individuals with disabilities upon request.
Thinking about applying?
Research shows that people from historically excluded communities tend to apply to jobs only when they check every box in the posting. If you’re currently reading this and hesitating to apply for that reason, we encourage you to go for it! Let us know how your lived experience and passion set you apart.