Information & Data Security Manager
Location: Providence, RI
Employment Type: Full-time
Requisition ID: 1572
About the Employer
RIHousing works to ensure that all people who live in Rhode Island can afford a healthy, attractive home that meets their needs. RIHousing provides loans, grants, education, and assistance to help Rhode Islanders find, rent, buy, build, and keep a good home. Created by the General Assembly in 1973, RIHousing is a self-sustaining corporation and receives no state funding for operations.
Role Summary
We are seeking a dynamic professional to serve as the Information & Data Security Manager within our Information Technology Department. This position is responsible for safeguarding RIHousing's information systems and sensitive data, including borrower, tenant, and partner information. This role advises the Director of IT and manages the day-to-day operations of the agency's cybersecurity and data protection program, ensuring compliance with federal, state, and housing-specific regulations while enabling the secure delivery of housing programs and services. The position blends hands-on security operations, regulatory compliance, and third-party/vendor risk management within a mission-driven public sector environment. This is a hybrid position based in Providence, Rhode Island, where you will be an integral part of our Information Technology team.
What You'll Do
Security Operations
- Lead day-to-day threat detection, incident response, and remediation activities
- Manage and tune security tools (SIEM, endpoint protection, vulnerability management, email security)
- Coordinate cybersecurity incident response efforts, ensuring timely communication with leadership and relevant stakeholders
- Manage the day-to-day operations of the security team
Identity & Access Management (IAM)
- Implement and enforce least-privilege and role-based access controls
- Oversee user lifecycle processes and conduct routine access reviews
- Improve authentication controls, including ongoing MFA adoption and enforcement
Risk Management & Compliance
- Perform cybersecurity risk assessments and maintain the agency's risk register
- Support and coordinate internal and external audits (state, federal, and program-specific)
- Ensure operational practices align with public sector and housing authority compliance requirements
Vendor & Third-Party Risk Management
- Manage the vendor security risk program and maintain documentation of assessments
- Conduct due diligence and continuous monitoring of vendors handling sensitive data
- Work with procurement and legal teams to ensure contracts include appropriate security requirements (SLAs, DPAs, incident obligations)
Security Awareness & Culture
- Develop and deliver ongoing security awareness training across the agency
- Run phishing simulations and provide targeted follow-up training for high-risk groups
- Promote secure behaviors and practices across technical and non-technical teams
Business Continuity & Resilience
- Support disaster recovery and business continuity planning efforts
- Help ensure systems supporting housing programs remain resilient and recoverable
Security Strategy & Governance
- Develop and execute an enterprise security strategy aligned with RIHousing's mission and risk profile
- Establish and maintain security policies, standards, and procedures consistent with frameworks such as NIST and CIS
- Provide clear reporting on cybersecurity posture, risks, and priorities to executive leadership
Data Protection & Privacy
- Oversee protection of personally identifiable information (PII) and financial data related to borrowers, renters, and partners
- Implement data classification, retention, encryption, and secure data sharing practices
- Ensure compliance with applicable regulations (e.g., HUD requirements, IRS Pub 1075 where applicable, state privacy laws)
Required Qualifications
- Bachelor's degree in Information Security, IT, or related field (or equivalent experience)
- 5–10+ years of IT experience with 3+ years in cybersecurity or data protection leadership
- Experience working in regulated environments (public sector, financial services, or housing programs)
- Demonstrated experience in team management
- Strong understanding of frameworks such as NIST CSF, CIS Controls, or ISO 27001
- Experience with security tools (SIEM, EDR, DLP, IAM)
- Proven ability to manage audits, risk assessments, and compliance initiatives
Preferred Qualifications
- Certifications: CISSP, CISM, CISA, or similar
- Experience with HUD-funded programs or housing finance agencies
- Familiarity with cloud security (Azure/AWS) in a government or quasi-public environment
- Experience building or maturing a vendor risk management program
- Knowledge of Zero Trust architecture principles
Compensation
$107,884–$156,432 annually. This pay range represents the base annual full-time salary for all positions within this job grade. The actual salary offered will depend on factors such as experience, education, and other job-related qualifications.
Benefits
Medical, Dental, Vision, and Life Insurance; Paid Time Off; Retirement Options; Parking Stipend; Education Reimbursement; Flexible Work Hours; Onsite Fitness Classes; Volunteer Days; Mentorship Program; Lunch and Learn series; Employee Recognition programs.
