Information Security Manager

Role Overview

• The Information Security Manager will take a lead role in establishing and governing enterprise risk management processes to ensure a robust security posture across the organization.
• This position is accountable for developing structured workflows, engaging stakeholders, supporting risk onboarding, and delivering audit-ready documentation, with an emphasis on sustainability and staff knowledge transfer.
• This position aligns with Cayuse’s core values of Innovation, Excellence, Collaboration, Adaptability, and Integrity by fostering technical solutions that meet customer needs, promoting teamwork, and prioritizing quality in deliverables.
• Define and implement end-to-end governance workflows for risk identification and intake, risk review and validation, risk acceptance, mitigation, or transfer, and ongoing monitoring and periodic reassessment.
• Establish roles and responsibilities for risk owners, risk reviewers, and governance bodies.
• Design escalation and reporting processes for high-risk and accepted risks.
• Engage key stakeholders across business, technology, security, and governance functions to validate risk requirements and workflows.
• Facilitate working sessions and workshops to socialize and gain adoption of the risk register and governance processes.
• Produce clear, audit-ready documentation covering the risk register structure and data definitions, risk scoring methodology, and governance workflows and decision authorities.
• Provide comprehensive knowledge transfer to designated security staff to ensure sustainability of processes beyond the contract term.

Requirements

• 8 years of experience with risk register design and risk management frameworks.
• 8 years of experience implementing and managing risk scoring and prioritization models.
• 8 years of experience establishing governance processes and workflows in enterprise or public sector environments.
• 8 years of stakeholder engagement and enablement experience, including conducting workshops or training for risk and security management adoption.
• 8 years of demonstrated skill in developing comprehensive documentation and providing effective knowledge transfer to security staff.
• Must be able to pass a background check.
• May require additional background checks as required by projects and/or clients at any time during employment.
• Exceptional interpersonal skills with the ability to communicate in a clear, professional, and articulate manner.
• Exceptional verbal and written communication skills.
• Excellent organizational, analytical, and problem-solving skills with high-level attention to detail.
• Proven ability to multitask and prioritize in a fast past environment with changing priorities; adaptable to change and a quick learner.
• Must be self-motivated and able to work well independently as well as on a multi-functional team.
• Ability to handle sensitive and confidential information appropriately.
• Proficient in MS Office, Word, Outlook, PowerPoint, and Excel.
• Ability to build trust and maintain relationships across technical and business teams.

Benefits

• Medical, Dental and Vision Insurance
• Wellness Program
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
• Short-Term and Long-Term Disability options
• Basic Life and AD&D Insurance (Company Provided)
• Voluntary Life and AD&D options
• 401(k) Retirement Savings Plan with matching after one year
• Paid Time Off