Risk Specialist 2 or 3

Montana Government

Helena, MT

JOB DETAILS
SKILLS
Analysis Skills, Architectural Services, Authentication, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Career Counseling, Cloud Storage, Coaching, Communication Skills, Computer Security, Cryptography, Data Storage, Design Evaluation, Documentation, Documentation Standards, Homeland Security, Information Systems/Technology IS/IT Administration, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Leadership, Legal, Mentoring, Public Administration, Record Keeping, Relationship Management, Retirement Plan, Risk, Risk Analysis, Risk Management, Risk Management Framework (RMF), Sales Management, Security Analysis, Security Attacks, Security Auditing, Social Security Administration, Spreadsheets, State Government, Team Player, Technical Support, U.S. National Institute of Standards and Technology (NIST), Virtualization
LOCATION
Helena, MT
POSTED
8 days ago

Job Description - Risk Specialist 2 or 3 (26141675)

Position Title:

Risk Specialist 2 or 3 - (26141675)

Why live in Helena, Montana?

  • Helena is surrounded by rolling hills and lofty mountains and is tucked below the Continental Divide.

  • It is a relatively quiet place to call home where small-town living collides with outdoor adventure.

  • Helena has a rich history and was originally founded as a gold camp during the Montana gold rush.

  • Learn more about moving to and/or living in Helena, Montana here.

Why should you keep reading and consider working here?

We know you have other work options, but we ask you to consider working with us at the State of Montana Department of Administration in the State Information Technology Services Division (SITSD). Our mission to provide shared IT services to support the needs of the state and citizens of Montana. We offer an innovative and collaborative work environment where employees are valued and supported. In addition, our employees have the opportunity to be involved in some of the most exciting and innovative IT projects and initiatives in development within Montana state government.

What is this career opportunity?

State Information Technology Services Division is seeking an experienced Risk Specialist to support the centralized cybersecurity organization by executing cybersecurity risk management processes, conducting risk assessments, documenting risk conditions, maintaining risk documentation, evaluating control effectiveness, and helping customers translate technical findings into actionable treatment decisions under established guidance. The position works across a federated state environment to help assess risk, maintain risk records, registers, and reports, support policy and compliance alignment, and provide practical guidance that references statewide standards while considering agency business needs. The role requires strong analytical ability, willingness to learn, and the ability to communicate risk in plain language to technical, operational, and business stakeholders.

What are we looking for?

Education and Experience:

Specialist 2:

  • Associate degree in Cybersecurity, Information Technology, Business, Public Administration, or a related field; AND

  • 2 years of experience in cybersecurity risk management, information security, compliance, audit, security assessment, or a closely related field.

  • Alternate combinations of education, experience, and relevant certifications will be considered on a case-by-case basis.

Specialist 3:

  • Associate degree in Cybersecurity, Information Technology, Information Assurance, Business, Public Administration, or a related field; AND

  • 4 years of experience in cybersecurity risk management, information security, compliance, audit, security assessment, or a closely related field.

  • Experience leading risk assessments, complex control assessments, or audits.

  • Alternate combinations of education, experience, and relevant certifications will be considered on a case-by-case basis.

Preferred:

  • Bachelor''s degree in Cybersecurity, Information Technology, Information Assurance, Business, Public Administration, or a related field; AND

  • Advanced cybersecurity certifications such as CRISC, CISA, CISM, CISSP, etc.

Competencies:

Required knowledge, skills, and abilities:

  • Knowledge of cybersecurity risk management frameworks and standards, including NIST RMF, NIST SP 800-30, NIST SP 800-37, NIST SP 800-53, NIST CSF 2.0, and their practical application in a state government environment.

  • Knowledge of Information technology (IT) cybersecurity principles and methods such as confidentiality, integrity, availability, authentication, authorization, accountability, encryption, configuration, etc.

  • Knowledge of common cyber threats, vulnerabilities, attack vectors, and how technical issues translate into business, mission, legal, and reputational impact.

  • Knowledge of information technology platforms, including hardware, software, network, data storage, cloud service virtualization, security, end-user platforms, etc.

  • Skill in planning and executing structured risk assessments, including asset identification, threat and vulnerability analysis, likelihood and impact estimation, and residual risk determination.

  • Skill in evaluating the design and effectiveness of security controls and interpreting assessment, audit, and scan results.

  • Skill in leading complex risk assessments, including multisystem and cross agency scenarios, and resolving conflicting stakeholder perspectives.

  • Skill in using GRC platforms, vulnerability management tools, spreadsheets, and ticketing systems to document and track risk work.

  • Ability to communicate risk in plain language, including providing clear explanation of scenarios, likelihood, impact, and treatment options such as avoid, mitigate, transfer, or accept.

  • Ability to exercise independent, expert judgment in ambiguous and high impact situations, including advising on risk acceptance when standards and precedents are limited.

  • Ability to identify control gaps, inconsistencies, and emerging issues in complex technical, procedural, and architectural documentation.

  • Ability to mentor, coach, and provide informal leadership to team members in risk techniques, documentation standards, and stakeholder communication.

  • Ability to operate effectively in a federated state environment, balancing centralized standards with agency autonomy and relationship management.

Does this sound like you?

Please tell us how and why by submitting your resume and cover letter. (Please Note: You do not need to complete the "work experience" or the "education & certifications" portion of the application process in our recruiting system. You only need to upload the requested documentation.)

What can you expect from us in return for your hard work?

Ø Look here to see the additional benefits! They include:

o Work/life Balance

o Health Coverage

o Retirement plans

o Paid Vacation and Sick Leave and Holidays

o And more…

Ø Public Service Loan Forgiveness (PSLF) - Employment with the State of Montana may qualify you to receive student loan forgiveness under the PSLF.

Other important information to be aware of.

  • This position requires successful completion of a criminal background check.
  • Only online applications are accepted. By applying online, you can receive updates and monitor the status of your application.
  • The Department of Administration participates in E-Verify to confirm employment eligibility. After accepting a job offer and completing form I-9, your information will be submitted to the Department of Homeland Security and Social Security Administration for verification. For more information about E-Verify, please visit the E-Verify website found here, https://www.e-verify.gov/.
  • The first review of applicants will take place on July 2, 2026.
  • In this position you will be afforded the opportunity to telework, however there will be required weekly in-office day(s) in Helena. Specific conditions will be outlined as part of the job offer and must adhere to state policy.

Applicant Pool Statement: If another department vacancy occurs in this job title within six months, the same applicant pool may be used for the selection. Training Assignment: Not Applicable

Salary: $

37.84 - 40.38 Hourly

Telework Eligibility: Telework Eligible (Full-time telework is not available. Telework schedule must be supervisor approved.) Benefits Package Eligibility: Health Insurance, Paid Leave & Holidays, Retirement Plan

Number of Openings

: 2 Employee Status: Regular Schedule: Full-Time

Job Type

: Standard

Shift

: Day Job

Travel

: No

Primary Location

: Helena

Agency: Department of Administration Union: 000 - None

Posting Date

: Jun 25, 2026, 9:22:46 PM

Closing Date (based on your computer''s timezone)

: Jul 10, 2026, 11:29:00 AM

Required Application Materials: Cover Letter, Resume

Contact Name: Megan Stearman | Contact Email: Megan.Stearman2@mt.gov | Contact Phone: 406-444-4620 The State of Montana has a decentralized human resources (HR) system. Each agency is responsible for its own recruitment and selection. Anyone who needs a reasonable accommodation in the application or hiring process should contact the agency''s HR staff identified on the job listing or by dialing the Montana Relay at 711. Montana Job Service Offices also offer services including assistance with submitting an online application.

State government does not discriminate based on race, color, national origin, religion, sex, sexual orientation, gender identity or expression, pregnancy, childbirth or medical conditions related to pregnancy or childbirth, age, physical or mental disability, genetic information, marital status, creed, political beliefs or affiliation, veteran status, military service, retaliation, or any other factor not related to merit and qualifications of an employee or applicant.

About the Company

M

Montana Government