IT Security Risk and Compliance Manager
Listed on 2025-12-15
IT/Tech
Cybersecurity, Information Security
The mission of Washington Health Benefit Exchange (Exchange) is to radically improve how Washington residents secure health insurance through innovative and practical solutions, an easy‑to‑use customer experience, and our values of integrity, respect, equity and transparency, while providing undeniable value to the health care community.
The Exchange is a public‑private partnership that operates Washington Healthplanfinder, the eligibility and enrollment portal used by one in four Washington residents to obtain health and dental coverage. Through this platform, and with support from a Customer Support Center and statewide network of in‑person navigators and brokers, individuals and families can shop, compare and enroll in private, qualified health plans (as defined in the Affordable Care Act) or enroll in Washington Apple Health, the state Medicaid program.
Equity Statement
Equity is fundamental to the mission of the Washington Health Benefit Exchange. The process of advancing toward equity and becoming anti‑racist is disruptive and demands vigilance to dismantle deeply entrenched systems of privilege and oppression. While systemic racism is a root cause of many societal inequities, we must also use an intersectional approach to address all forms of bias and oppression, which interact with and often exacerbate racial inequities.
To be successful, we must recognize the socioeconomic drivers of health and focus on people and places where needs are greatest. As we listen to community, we must hold ourselves accountable to responding to recommendations to remedy inequitable policies, systems, or practices within the Exchange’s area of influence. Our goal is that all Washingtonians have full and equal access to opportunities, power and resources to achieve their full potential.
- Manage, oversee and coordinate the work of team members and activities in IT security compliance, risk management and other duties as defined by the Chief Information Security Officer (CISO).
- Develop the strategic direction for regulatory compliance and manage the risk of WAHBE data and information systems.
- Continuously assess security controls, create and implement IT security policy, procedures and standards, and maintain IT security compliance deliverables to ensure agency compliance with federal and state regulations.
- Provide supervision, guidance and oversight of the WAHBE IT Security Risk and Compliance Team, ensuring effective execution of responsibilities and alignment with organizational goals.
- Develop, maintain and implement cybersecurity compliance deliverables, ensuring they are regularly updated to meet evolving CMS, IRS and WAHBE requirements (System Security Plan, Safeguard Security Report, Annual Attestation, etc.).
- Conduct comprehensive and complex cybersecurity risk assessments and perform thorough risk analysis to evaluate threats, vulnerabilities and the effectiveness of security controls.
- Ensure security controls align with WAHBE IT Security standards and policies while maintaining compliance with applicable federal regulations.
- Develop and implement an information security risk management framework, including gap analysis, remediation timelines, regular reviews and updates.
- Develop risk management metrics and reports to communicate remediation efforts, risk treatment progress and enhancements to WAHBE’s overall security posture.
- Track, coordinate and manage risk mitigation plans for federal reporting (Corrective Action Plan, Plan of Action and Milestones).
- Validate and verify completion of remediation activities and reevaluate control effectiveness as needed to ensure ongoing risk mitigation.
- Collaborate with Compliance Officer, Information Security Manager, Cloud/Infrastructure Manager, Lead Product Owner, Tech Ops and other IT stakeholders for risk mitigation and control implementation.
- Manage CMS and IRS security audits and safeguard reviews.
- Manage and support third‑party security risk assessment as mandated by federal regulations and coordinate resulting mitigation plans.
- Maintain and update WAHBE’s information security policies and procedures with evolving CMS, IRS and WAHBE requirements.
- Review laws,…