Information & Data Security Manager

Please note: This pay range represents the base annual fulltime salary for all positions within this job grade. The actual salary offered will depend on factors such as experience, education, and other job related qualifications.  

What we are all about:  

We are seeking a dynamic professional to serve as the Information & Data Security Manager within our Information Technology Department. This position is responsible for safeguarding RIHousing’s information systems and sensitive data, including borrower, tenant, and partner information. This role leads the agency’s cybersecurity and data protection program, ensuring compliance with federal, state, and housingspecific regulations while enabling the secure delivery of housing programs and services. 

The position blends handson security operations, regulatory compliance, and thirdparty/vendor risk management within a missiondriven public sector environment. 

The Information & Data Security Manager oversees the agency’s security program and leads a team of security professionals. Responsibilities include supervising daily workflow, establishing and maintaining performance standards, and identifying training and development opportunities to enhance team effectiveness. 

This is a hybrid position based in Providence, Rhode Island, where you will be an integral part of our Information Technology team. The role is designed for in-person collaboration and active engagement within our office environment. 

What you’ll do daily: 

Security Operations 

• Lead day-to-day threat detection, incident response, and remediation activities 

• Manage and tune security tools (SIEM, endpoint protection, vulnerability management, email security) 

• Coordinate cybersecurity incident response efforts, ensuring timely communication with leadership and relevant stakeholders 

• Manage the day-to-day operations of the security team 

Identity & Access Management (IAM) 

• Implement and enforce least-privilege and role-based access controls 

• Oversee user lifecycle processes and conduct routine access reviews 

• Improve authentication controls, including ongoing MFA adoption and enforcement 

Risk Management & Compliance 

• Perform cybersecurity risk assessments and maintain the agency’s risk register 

• Support and coordinate internal and external audits (state, federal, and program-specific) 

• Ensure operational practices align with public sector and housing authority compliance requirements 

Vendor & Third-Party Risk Management 

• Manage the vendor security risk program and maintain documentation of assessments 

• Conduct due diligence and continuous monitoring of vendors handling sensitive data 

• Work with procurement and legal teams to ensure contracts include appropriate security requirements (SLAs, DPAs, incident obligations) 

Security Awareness & Culture 

• Develop and deliver ongoing security awareness training across the agency 

• Run phishing simulations and provide targeted follow-up training for high-risk groups  

• Promote secure behaviors and practices across technical and non-technical teams 

Business Continuity & Resilience 

• Support disaster recovery and business continuity planning efforts 

• Help ensure systems supporting housing programs remain resilient and recoverable 

How you will make an impact: 

 Security Strategy & Governance 

• Develop and execute an enterprise security strategy aligned with RIHousing’s mission and risk profile  

• Establish and maintain security policies, standards, and procedures consistent with frameworks such as NIST and CIS  

• Provide clear reporting on cybersecurity posture, risks, and priorities to executive leadership 

Data Protection & Privacy 

• Oversee protection of personally identifiable information (PII) and financial data related to borrowers, renters, and partners  

• Implement data classification, retention, encryption, and secure data sharing practices  

• Ensure compliance with applicable regulations (e.g., HUD requirements, IRS Pub 1075 where applicable, state privacy laws) 

What success looks like in this position: 

• Bachelor’s degree in Information Security, IT, or related field (or equivalent experience)  

• 5–10+ years of IT experience with 3+ years in cybersecurity or data protection leadership  

• Experience working in regulated environments (public sector, financial services, or housing programs)  

• Demonstrated experience in team management 

• Strong understanding of frameworks such as NIST CSF, CIS Controls, or ISO 27001  

• Experience with security tools (SIEM, EDR, DLP, IAM)  

• Proven ability to manage audits, risk assessments, and compliance initiatives  

• Certifications: CISSP, CISM, CISA, or similar  

• Experience with HUD-funded programs or housing finance agencies  

• Familiarity with cloud security (Azure/AWS) in a government or quasi-public environment  

• Experience building or maturing a vendor risk management program  

• Knowledge of Zero Trust architecture principles 

Not sure if you meet all the qualifications? Let us decide!? 

Why RIHousing: 

• Mission-Driven Organization 

• Mentorship Program 

• Lunch and Learn series  

• Employee Recognition programs       

• Dedicated Workforce 

• Parking Stipend 

• Medical/Dental/Vision/Life Insurance 

• Paid Time Off 

• Retirement Options 

• Flexible Work Hours- If Position Eligible, Future Hybrid Work May Be Available 

• Education Reimbursement 

• Onsite Fitness Classes 

• Volunteer Days 

• Winner of “Best Places to Work” 2016, 2018, 2019, 2021 – 2025 

• Greater Providence Chamber of Commerce Worksite Health Award 2013 – 2025 

• PBN's Healthiest Employers of RI 2025 

 About RIHousing