Senior Security, Privacy & Compliance Manager

**Overview** The Senior Security, Privacy & Compliance Manager is accountable for developing, implementing, and maintaining robust security, privacy, and compliance measures to safeguard the Exchange's information assets. This individual acts as the central point of expertise for regulatory compliance, incident management, and staff training on best practices. This role ensures strict adherence to federal, state, and contractual standards while driving continuous improvement in data security frameworks. By coordinating with technical teams and leadership, this role mitigates risks, addresses vulnerabilities, and promotes a sustainable culture of security and compliance This position performs all duties and responsibilities in accordance with the Mission, Vision, and Core Values of Cayuse. **Responsibilities** + Develop, implement, and maintain comprehensive security, privacy, and compliance policies and procedures to align with federal, state, and contractual obligations. + Conduct regular security audits, vulnerability assessments, and monitoring of data access controls to ensure proactive risk management. + Identify, evaluate, and mitigate cybersecurity and privacy risks to protect Exchange customer and organizational data. + Collaborate with leadership, technical teams, and contractors to ensure compliance with regulatory mandates, including Appendix C - Data Security and Reporting Requirements. + Monitor reported data security incidents and implement corrective actions to mitigate risks and prevent recurrence. + Provide expert guidance and training to employees and contractors on security and privacy best practices to reinforce a culture of accountability and compliance. + Coordinate the implementation of secure access controls, identity management systems, and authentication standards to protect Exchange systems from unauthorized access. + Oversee processes for secure data disposal, safe information transfer, and contractor compliance during migrations or contract transitions. + Partner with leadership to manage benchmarks for continuous compliance monitoring and improvement across technical and administrative areas. + Conduct evaluations of AI and automation tools to ensure adherence to Exchange-approved risk mitigation and privacy/security policies. + Maintain ongoing communication with the Exchange and other Key Staff to assess and adapt security measures to align with evolving risks and regulations. + Other duties as assigned. **Qualifications** + Associate's degree in Information Systems, Cybersecurity, or a related field, OR equivalent work experience in data security or compliance roles. + Certifications in security and compliance, such as CISM, CISSP, or CISA. + 5+ years of experience in security, privacy, and compliance roles within enterprise environments, preferably in public sector organizations or projects. + Proven track record of implementing security measures that meet regulatory compliance standards. + Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment. **Minimum Skills:** + Exceptional interpersonal skills with the ability to communicate in a clear, professional, and articulate manner. + Strong understanding of cybersecurity principles, incident management, and risk analysis. + Familiarity with federal (e.g., NIST) and state regulatory standards for data privacy. + Excellent organizational, analytical, and problem-solving skills with high-level attention to detail. + Proven ability to multitask and prioritize in a fast past environment with changing priorities; adaptable to change and a quick learner. + Must be self-motivated and able to work well independently as well as on a multi-functional team. + Ability to handle sensitive and confidential information appropriately + Proficient in MS Office, Word, Outlook, PowerPoint, and Excel. **Desired Qualifications:** + Bachelor's degree in Cybersecurity, Information Technology, or a related field. + Certifications in project management (e.g., PMP) or specialized data security frameworks. + Experience leading compliance efforts for large-scale enterprise projects, particularly for state health or benefits programs. + Familiarity with AI and automation risk evaluation and compliance processes. + Knowledge of contract transition best practices, particularly data transfer and disposal. **Other Duties:** _Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice._ **_Cayuse is an Equal Opportunity Employer. All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law._** **Pay Range** USD $55,000.00 - USD $118,000.00 /Yr. Submit a Referral ( **Can't find the right opportunity?** Join ourTalent Community ( orLanguage Services Talent Community ( and be among the first to discover exciting new possibilities! **Location** _US-_ **ID** _103627_ **Category** _Information Technology_ **Position Type** _Full-Time Salary Exempt_ **Remote** _Yes_ **Clearance Required** _None_