Director, Privacy & Security Enterprise Engagement

You could be the one who changes everything for our 28 million members. Centene is transforming the health of our communities, one person at a time. As a diversified, national organization, you’ll have access to competitive benefits including a fresh perspective on workplace flexibility.

Position Purpose:

The Director leads the Privacy & Security Enterprise Engagement Officers (EEO) Shared Services Team within Enterprise Privacy & Security Risk Management (EPSRM). This role works with other Shared Services across the organization with a focus on EPSRM. Some of that work includes:

• Leading a team that is aligns to various shared service capabilities within Centene.
• Include privacy, security compliance, AI governance, Resiliency (e.g., BC/DR), security culture & training, marketing, Human Resources, Physical security, Digital, SSDLC and various other alignments.

Support the Enterprise Engagement Officer team as they will need to know all controls, requirements, relevant regulations, participate in Legislation reporting and creation on topics relevant to the Team area. The Director builds trusted partnerships with Health Plan leadership and key enterprise stakeholders (Enterprise Compliance, Operations, Business Technology Solutions, ITCC, Privacy, Vendor Risk, Legal, etc.) to drive contract assurance, readiness reviews, RFP support, and continuous improvement. The position ensures team alignment with EPSRM’s goals and accountability for Health Plan deliverables.

Strategic Leadership:

• Lead, coach, and scale the Shared Service EEO team to deliver consistent, high-quality engagement across all assigned state Medicaid Health Plans and the Medicare and Marketplace lines of business.
• Align staffing and resources to shared service and line of business complexity, volume, and key cycles.
• Ensure the team’s alignment with and achievement of defined goals.
• Responsible for onboarding, training, allocating and prioritizing tasks, setting goals, and managing performance and career development for team members.

Governance & Shared Service Engagement:

• Serve as the primary EPSRM engagement leader for Health Plan lines of business; support stakeholders as needed to track obligations, risks, and decisions.
• Direct and oversee the team’s ongoing efforts to serve as a subject-matter-expert for privacy, security and AI requirements and ensure regulatory, legislative, and contractual privacy, security & AI requirements are understood and operationalized.
• Provide Executive-ready updates for Health Plan and EPSRM leadership.
• Build trusted relationships with internal and external stakeholders to resolve blockers and escalate issues effectively.
• Meet with regulators or other state representatives to answer questions and achieve clarity on the understanding of requirements.
• Meet with auditors to demonstrate Centene's privacy, security, AI and operational resilience compliance.

Contract Requirements & Assurance:

• Interpret and operationalize privacy, security, AI, and business continuity obligations from contracts, RFPs, and laws/regulations (e.g., HIPAA, CMS/MARS-E/ARC-AMPE, NCQA, state Medicaid/Exchange).
• Maintain a centralized requirements & deliverables register or pipeline mapping obligations to owners, timelines, and evidence for audits & assessments.
• Ensure adequacy of control validation evidence and support gap closure prior to delivery or readiness reviews.
• Monitor legal and regulatory changes and how they are/will impact contracts and effectively communicating impacts to stakeholders.
• Direct and oversee the team’s ongoing efforts to discover, assess impact of, and communicate new or changing regulatory, legislative, and contractual requirements related to privacy, security, AI and operational resilience.

Risk Advisory & Compliance:

• Direct and oversee the team's ongoing efforts to identify and bring awareness to privacy, security, AI and operational resilience risks and control gaps, and champion solutions for those within the context of Centene's business operations and technology environments in partnership with internal and external teams to EPSRM.

Deliverable Execution & Evidence Management:

• Ensure System Security Plans (SSPs) or System Security & Privacy Plans (SSPPs) and other related deliverables are accurate & complete.
• Establish and mature processes for plan deliverables (i.e., SSPs/SSPPs, BCP plans, incident response attestations, vendor security attestations, etc.).

Readiness Reviews, RFPs & Audits:

• Support the Market Team as they work with market entries, procurements, and renewals—including RFP responses and readiness reviews.
• Direct and oversee the team’s ongoing efforts to ensure privacy, security, AI and operational resilience objectives are treated as business and technology requirements.
• Facilitate regulator and client requests with timely, accurate responses aligned to relevant policy.

Incident, Vendor & Continuity Readiness:

• Ensure Health Plans understand EPSRM expectations for activities related to incident response, breach reporting, vendor management, etc.
• Validate readiness through participation in tabletop exercises and evidence reviews.

Continuous Improvement:

• Drive enhancements to engagement processes, reporting, and compliance maturity.
• Support and contribute to EPSRM’s multi-year plan and portfolio reporting.

Key Duties:

• Lead and manage Shared Services EEO team member performance, onboarding, and career development.
• Establish Shared Services engagement Objectives & Key Results (OKRs) and deliver reporting at defined intervals.
• Lead a team of and be a subject-matter expert for privacy, security, and AI requirements, including engagement with regulators and auditors.
• Coordinate cross-functional inputs for deliverables and ensure timely completion.
• Performs other duties as assigned.
• Complies with all policies and standards.

Education/Experience:
Minimum Education:

Bachelor's degree in Information Security, Information Technology, Computer Science or other related field. Master's degree preferred.

Licensure / Certifications:

• CISSP (Certified Information Systems Professional), CISM, CRISC (Certified Risk and Information Systems Control), CGEIT or related advanced Risk or Security certification.

Minimum Experience:

• 8 years of experience with security capabilities, technologies, and architecture.
• 5 years of experience in leading Business Information Security Officer (BISO), Technology Information Security Officer (TISO), or Technical Enterprise Engagement teams and engaging with executive leaders.
• 3 years of experience with government sponsored health plan operations and associated regulatory and contractual requirements or similarly regulated industry.
• 3 + years of supervisory/management experience.

Additional knowledge, skills, and abilities necessary to perform the role:

• Ability to navigate and communicate regulatory, legislative, and contractual privacy and security requirements within the context of business operations and supporting technology environments.
• Ability to engage in a dialogue with business and technology stakeholders to achieve agreement on how to meet privacy and security requirements.
• Ability to lead and develop business and technology facing engagement teams within the context of regulatory, legislative, and contractual privacy and security requirements.

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules. Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law, including full-time or part-time status. Total compensation may also include additional forms of incentives. Benefits may be subject to program eligibility.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.

Qualified applicants with arrest or conviction records will be considered in accordance with the LA County Ordinance and the California Fair Chance Act