IT Security & Compliance Coordinator

Overview

Hybrid
$39 - $44
Accepts corp to corp applications
Contract - W2
Contract - 1 Year(s)

Skills

Cybersecurity
PCI DSS
NIST
risk assessment
IT security tools
Splunk
Cloudflare

Job Details

IO Datasphere, Inc. has been providing project management, software development and IT staff augmentation services to our clients in the Midwest and throughout the U.S. since 1996. We are an approved vendor on contract to provide software development and IT staff augmentation services for the States of Illinois, Michigan, Minnesota, Iowa, and Wisconsin. We also provide these services to businesses, as well as local and county governments, in the Midwest and nationwide.

Our client is looking to hire an IT Security & Compliance Coordinator to oversee and facilitate agency IT security compliance, technology intake processes, IT audit readiness, and overall IT risk management. The IT Security & Compliance Coordinator regularly performs complex risk assessments related to cloud-hosted solutions (e.g., SaaS, PaaS, IaaS), Artificial Intelligence (AI) technology and AI use cases, agency data governance and privacy protections, and application security governance. The role acts as a key liaison to external partners and collaborates closely with internal IT teams, division leadership, program staff, regulatory bodies, and vendors to strengthen the agency's security and compliance posture.

Additionally, this role is responsible for performing log analysis using SIEM tools and interpreting IT vulnerability scans while producing executive-level IT security, risk, and compliance related reports. It coordinates the agency vulnerability management program and firewall and security exception requests with the managed service provider, supports and facilitates incident response planning, and leads cybersecurity awareness training in coordination with agency leadership. The IT Security & Compliance Coordinator also performs PCI DSS attestation (i.e., SAQ A & SAQ B-IP) for all client merchant locations.

Tasks

Technology Intake & Vendor Security Review:

  • Capture business use cases, data classification, and required security controls for software and cloud services.

Monitoring, Reporting, and Vulnerability Coordination:

  • Use enterprise/agency tools (e.g., SIEM, email security, vulnerability scanners) to review security posture and risk trends.
  • Build recurring and ad hoc reports that provide security value (threat/anomaly insights) and business intelligence (usage/adoption trends).

AI & Emerging Technology Governance:

  • Maintain inventories of AI applications, direct and indirect risks, and approved use cases.
  • Coordinate intake and review of AI business use cases; prepare forms and guide staff through enterprise and agency requirements.

IT Compliance, Audit Response, & Risk Management:

  • Develop, maintain, and monitor adherence to IT security/compliance policies aligned to NIST, PCI DSS, CIS, ISO 27001, and state standards.
  • Identify and track risks; collaborate with service providers and internal technical teams on mitigation strategies and exception handling.

Incident Response Planning and Execution:

  • Maintain and test incident response plans/playbooks; educate staff on roles and procedures.
  • Participate in investigations, documentation, notifications/status updates, and post-incident reviews; track root cause and preventive actions.

Cybersecurity Awareness and Training:

  • Lead agency-wide cybersecurity education and compliance initiatives, ensuring awareness and adherence to PCI DSS, NIST-based, and state-level standards.
  • Develop and deliver cybersecurity awareness programs to educate employees about security best practices and emerging threats.

Knowledge, Skills and Abilities Required:
  • Experience collaborating with cross-functional IT teams and program area staff, external auditors, and regulatory agencies.
  • Excellent communication and analytical skills, with the ability to translate complex IT security related topics for diverse, often non-technical audiences.

NOTE: Candidates MUST be WI residents or willing to relocate to WI prior to starting the role at their own expense. This is a hybrid position requiring on-site work at the WHS HQ 1-3 days per week varying based on project and operational demands. Remote work may be permitted on a scheduled basis after an initial onboarding period.

Public parking options are available nearby, public transportation is half a block away, and bike racks are available just outside of HQ doors. Regular commuting expenses are not covered by the client.

Location: Madison, WI (Hybrid)

Contract: 1+ years

Skills Required:
  • 5+ years - Experience in cybersecurity or network operations, audit and compliance coordination, or related IT risk management.
  • 5+ years - Experience running search queries and generating and automating reports from industry standard IT security tools (e.g., Splunk, IronPort, Tenable, Cloudflare).
  • 5+ years - Experience managing IT security review processes, security exception workflows, vulnerability management processes, and developing security policies or procedures.
  • 5+ years - Proven ability to coordinate complex risk assessments and compliance activities, including experience evaluating AI tools or emerging technologies for compliance, security, or ethical risks with a strong knowledge of direct and indirect AI-related risks.
  • 5+ years - Strong understanding of common security frameworks or compliance standards (e.g., NIST, PCI DSS, CIS, ISO 27001), and privacy protection practices.
  • Working knowledge of AWS and Microsoft 365 Entra ID security controls (e.g., IAM, logging/monitoring, encryption, MFA/Conditional Access), with the ability to interpret read-only outputs and coordinate remediation with service providers.
  • Experience evaluating AI tools or emerging technologies for compliance, security, or ethical risks with a strong knowledge of direct and indirect AI-related risks.
  • Strong knowledge of IT Security Incident Response planning and preparation, including experience coordinating with managed service providers (MSP) or third-party vendors.

Skills Desired (a plus to have):
  • Experience in public-sector compliance or multi-agency single tenant environments
  • Experience with PCI DSS SAQ preparation and attestation.
  • Experience coordinating vendor-performed internal penetration testing

*** Rate depends on experience

*** Local candidates preferred, not mandatory

*** Candidates authorized to work in the US are encouraged to apply. We can accept H1b, , TN, and other valid work visas for IT. However, we cannot accept OPT or CPT visas at this time.

*** Companies submitting candidates should only submit direct W2 employees for this position.
