Manager, Information Security Officers (ISO)

ABOUT THE DEPARTMENT

The University of Southern California (USC) is advancing its cybersecurity posture with a renewed focus on resilience, cyber risk management, and threat-informed defense. As a world-class research institution, USC is building a culture of security that supports its academic and research mission in a rapidly evolving threat landscape.

This role sits within a newly restructured cybersecurity organization that's leading this transformation. You'll join a team focused on scalable, proactive defense strategies, incident preparedness, and operational excellence-working alongside experts who are deeply committed to service, innovation, and impact.

If you're driven by purpose, thrive in complexity, and want to help shape the future of cybersecurity at a leading university, we invite you to bring your leadership to the table.

POSITION SUMMARY

As the Manager, Information Security Officers (ISO) you will be an integral leader of the cybersecurity department while also collaborating with stakeholders across the university ecosystem, and reporting to the Cyber Governance Director. This is a full-time exempt position, eligible for all of USC's fantastic Benefits + Perks. This opportunity is remote.

The Manager, Information Security Officers (ISO) coordinates with multiple university departments, schools/units to oversee the enforcement of cybersecurity requirements. Serves as a liaison for the cybersecurity function to the broader university. Aims to improve the overall security posture of the university. Ensures a unified approach to cybersecurity safety and compliance. Implements and manages comprehensive training programs to educate staff about potential cyber threats, best practices for digital hygiene and the importance of following established security policies. Manages relationships between department, schools and units and central cybersecurity leadership to raise awareness and providing guidance on cybersecurity matters. Participates in the development of leading data security practices, and insures implementation across the university.

The Manager, Information Security Officers (ISO) will:

• Develops, implements and maintains department, school and/or unit cybersecurity standards and procedures.

• Oversees the setup and hardening of departmental information systems to protect against unauthorized access or attacks. Responsible for reviews of control effectiveness. Ensures performance of regular risk assessments to identify potential vulnerabilities and implements security measures accordingly.

• Manages emergency procedures, in conjunction with relevant partners and existing cyber emergency plans, for handling security incidents, data breaches, and other critical situations. Responds promptly to security events, supporting incident response and contributing to investigations as required. Supports resiliency efforts in coordination with DSUs across the university to support the ability to respond and recover from a cyber-related event.

• Implements training and awareness programs for department, school and/or unit staff to foster understanding and adherence to cybersecurity protocols. Maintains currency with latest trends, threats and best practices in cybersecurity. Maintains compliance with all relevant cybersecurity laws, regulations, and policies.

• Provides specific technical information security expertise for development of centralized cybersecurity program. Supports development and implementation of the cybersecurity strategy.Supports security incident response and investigation.

• Conducts reviews to identify root causes of information security incidents and develops corrective action plans.

• Provides oversight and coaching to staff for daily activities and responsibilities.

• Encourages a workplace culture where all employees are valued, value others and have the opportunity to contribute through their ideas, words and actions, in accordance with the USC Code of Ethics.

MINIMUM QUALIFICATIONS

Great candidates for the position of Manager, Information Security Officers (ISO) will meet the following qualifications:

• 7 years in a technical support and operations or design and engineering role within information technology.

• 3 years in information security in an advisory/internal consultant/subject-matter expert capacity.

• 3 years in a management role.

• A bachelor's degree or combined experience and education as substitute for minimum education.

• Relevant professional certifications or working towards attainment (e.g., GCIH/GSEC, CISM, CISA, CISSP, CRISC).

• Possesses comprehensive understanding of the cybersecurity landscape (e.g., trends, risks, best practices for risk management).

• Proficient in information technology infrastructure and various cybersecurity tools and programs.

• Has excellent capacity to communicate complex security matters to different audiences, from team members to executive leadership.

• Possesses sound analytical and problem-solving skills with an ability to make quick decisions in emergency situations.

• Has experience with security audits and compliance with industry security standards and regulations.

• Possesses exceptional leadership skills, capable of managing a team and collaborating with various departments within an organization.

• Has strong ethical standards and a solid understanding of privacy laws, confirming confidential information will be handled with integrity.

• Has excellent project management skills, with experience in planning, implementing, and overseeing security-related projects.

PREFERRED QUALIFICATIONS

Exceptional candidates for the position of Manager, Information Security Officers (ISO) will also bring the following qualifications or more:

• 7 years of related experience, with 3 years in an information security role

• Exceptional leadership skills, experience managing a cross-functional, high-performing team and collaborating with various departments within an organization.

• Deep understanding of security controls, architecture, and advisory

• Demonstrated experience conducting risk assessments

• Bachelor's degree preferred (combination of education and experience acceptable)

In addition, the successful candidate must also demonstrate, through ideas, words and actions, a strong commitment to USC's Unifying Values of integrity, excellence, community, well-being, open communication, and accountability.

SALARY AND BENEFITS

The annual base salary range for this position is $186,211.74 to $228,000.00. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, key skills, internal peer alignment, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.

To support the well-being of our faculty and staff, USC provides benefits-eligible employees with a broad range of perks to help protect their and their dependents' health, wealth, and future. These benefits are available as part of the overall compensation and total rewards package. You can learn more about USC's comprehensive benefits here.

Join the USC cybersecurity team within an environment of innovation and excellence.

Minimum Education: Bachelor's degree
Minimum Certifications: Relevant professional certifications or working towards attainment (e.g., GCIH/GSEC, CISM, CISA, CISSP, CRISC).
Addtional Education Requirements Combined experience/education as substitute for minimum education
Minimum Experience: 7 years in a technical support and operations or design and engineering role within information technology. 3 years in information security in an advisory/internal consultant/subject-matter expert capacity. 3 years in a management role.
Minimum Skills: Possesses comprehensive understanding of the cybersecurity landscape (e.g., trends, risks, best practices for risk management). Proficient in information technology infrastructure and various cybersecurity tools and programs. Has excellent capacity to communicate complex security matters to different audiences, from team members to executive leadership. Possesses sound analytical and problem-solving skills with an ability to make quick decisions in emergency situations. Has experience with security audits and compliance with industry security standards and regulations. Possesses exceptional leadership skills, capable of managing a team and collaborating with various departments within an organization. Has strong ethical standards and a solid understanding of privacy laws, confirming confidential information will be handled with integrity. Has excellent project management skills, with experience in planning, implementing, and overseeing security-related projects.
Preferred Education: Bachelor's degree
Preferred Experience: 10 years
Preferred Skills: Has exceptional leadership skills, experience managing a cross-functional, high-performing team and collaborating with various departments within an organization.