Information Security Manager

Position Title : Information Security Manager

Department : Data Solutions

Reports To : Chief Technology Officer

FLSA Classification : Exempt, full-time

About Us :

The Center for Improving Value in Health Care (CIVHC) is an independent non-profit that equips partners and communities in Colorado and across the nation with the resources, services and unbiased data needed to improve health and health care. As the designated administrator of Colorado's All Payer Claims Database (CO APCD), CIVHC oversees the collection of health care claims from Colorado's public and private health care insurers and uses that information to promote price transparency, inform policy, advance health equity, conduct research, and much more. We are objective, solution-oriented, and maintain the highest integrity in the work we do.

Job Summary :

The Information Security Manager leads the oversight and strategic direction of information securityat CIVHC, with a focus on policy development, vendor security assurance, and regulatory compliance. This is not a hands-on systems administration or SOC (Security Operations Center) role.

The Information Security Manager serves as the internal point of accountability for ensuring that CIVHC's data infrastructure, cloud migration initiatives, and vendor relationships meet the highest security and privacy standards. The Information Security Manager collaborates with the Finance, Compliance, Data Solutions, and Data Access and Impact departments to ensure the integrity, confidentiality, and availability of CO APCD information systems.

As the administrator of the Colorado All Payer Claims Database (CO APCD), CIVHC contracts with external vendors for data ingestion, storage, and analytics. This position provides oversight support of those partnerships to ensure compliance with HIPAA, NIST, and other regulatory standards.

This position is especially critical for cloud migration, increased API use, and AI exploration, and plays a lead role in risk evaluation. The role also includes business-aligned responsibilities such as documentation of database architecture and governance planning, working closely with technical and compliance teams.

The Information Security Manager will integrate forward-thinking, community-centered innovation with scalable data services. The ideal candidate brings a strong commitment to equity, the ability to communicate complex information to diverse audiences, and a visionary mindset to leverage data for transformative health outcomes across Colorado and beyond.

Supervisory Responsibilities :

• Direct oversight of the IT & Network Specialist. Future supervisory responsibility may expand with organizational growth.
• Collaborate with the IT & Network Specialist to ensure that device management, internal network configurations, and endpoint protections align with the organization's overall security and compliance framework.
• Set priorities, approve technology purchases, and support professional development for the IT & Network Specialist in alignment with organizational goals.
• Ensure proper documentation and incident handling for IT issues involving internal hardware, user access, and system configurations.
• Integrate business-side IT practices into enterprise-wide risk management, business continuity planning, and security training initiatives.

Duties / Responsibilities / Essential Functions :

Reasonable accommodations may be made to enable individuals with disabilities to perform these essential functions.

Required Skills / Abilities :

Education and Experience :

Physical Requirements : Primarily computer-based work with extended periods of sitting, typing, and concentration. May occasionally require light lifting of office materials.

Other duties :

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Position Timeline :

Our target is to fill this position by October 24 , 2025 . Application review will begin immediately and will continue on a rolling basis until the position is filled. We encourage interested candidates to apply as soon as possible for full consideration.

Compensation and Benefits :

The salary range for this position is $95,000 - $115,000 annually, based on relevant experience, education, and internal equity. CIVHC offers a comprehensive benefits package including medical, dental, and vision coverage; paid time off; life and disability insurance; and retirement plan contributions.

Equal Opportunity Employer :

CIVHC is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or any other legally protected status.