Information Security Officer (ITS)

ABOUT THE DEPARTMENT

The University of Southern California (USC) is advancing its cybersecurity posture with a renewed focus on resilience, cyber risk management, and threat-informed defense. As a world-class research institution, USC is building a culture of security that supports its academic and research mission in a rapidly evolving threat landscape.

This role sits within a newly restructured cybersecurity organization that's leading this transformation. You'll join a team focused on scalable, proactive defense strategies, incident preparedness, and operational excellence-working alongside experts who are deeply committed to service, innovation, and impact.

If you're driven by purpose, thrive in complexity, and want to help shape the future of cybersecurity at a leading university, we invite you to bring your leadership to the table.

POSITION SUMMARY

As the Information Security Officer (ITS) you will be an integral member of the cybersecurity department while also collaborating with stakeholders across the university ecosystem, and reporting to the ISO Manager. This is a full-time exempt position, eligible for all of USC's fantastic Benefits + Perks. This opportunity is remote

The Information Security Officer (ITS) coordinates with university department, schools/units to capture and enforce cybersecurity requirements and support resiliency efforts. Facilitates a unified approach to cybersecurity safety and compliance. Participates in the development and delivery of training programs. Maintains relationships between department, schools and units and central cybersecurity leadership. Ensures leading data security practices are implemented across the university, driving awareness and completion of cyber initiatives.

The Information Security Officer (ITS) will:

• Assists in the development, implementation and maintenance of the department, school and/or unit cybersecurity standards and procedures. Supports resiliency efforts in collaboration with university departments, schools and units to support response and recovery from cyber-related events.

• Participates in the setup and hardening of departmental information systems to protect against unauthorized access or attacks. Responsible for reviews of control effectiveness. Performs regular risk assessments.

• Assists in emergency procedures, in conjunction with relevant partners and existing cyber emergency plans, for handling security incidents, data breaches, and other critical situations. Assists in responding to security events, supporting incident response and contributing to investigations as required.

• Contributes to training and awareness programs for department, school/unit staff to foster understanding and adherence to cybersecurity protocols. Maintains professional currency (e.g., all relevant cybersecurity laws, regulations, policies).

• Encourages a workplace culture where all employees are valued, value others and have the opportunity to contribute through their ideas, words and actions, in accordance with the USC Code of Ethics.

MINIMUM QUALIFICATIONS

Great candidates for the position of Information Security Officer (ITS) will meet the following qualifications:

• 4 years of experience in IT, cybersecurity and leadership roles.

• A bachelor's degree or combined experience and education as substitute for minimum education.

• Comprehensive understanding of the cybersecurity landscape (e.g., trends, risks, best practices for risk management).

• Proficiency in information technology infrastructure and various cybersecurity tools and programs.

• Demonstrated capacity to communicate security matters to different audiences.

• Sound analytical and problem-solving skills with an ability to make quick decisions in emergency situations.

• Experience with operational technology environments and security requirements to secure OT environments.

• Experience with security audits and compliance with industry security standards and regulations.

• Strong ethical standards and a solid understanding of privacy laws, confirming confidential information will be handled with integrity.

• Relevant professional certifications or working towards attainment (e.g., GCIH/GSEC, CISM, CISA, CISSP, CRISC).

PREFERRED QUALIFICATIONS

Exceptional candidates for the position of Information Security Officer (ITS) will also bring the following qualifications or more:

• 7 years in IT, cybersecurity and management

• Leadership experience

• Project management skills, with experience in planning, implementing, and overseeing security-related projects.

• Bachelor's degree (or equivalent combination of education and experience)

• Demonstrated ability to lead or coordinate cybersecurity policy implementation

• Familiarity with audit processes and regulatory frameworks (e.g., NIST, HIPAA, FERPA)

In addition, the successful candidate must also demonstrate, through ideas, words and actions, a strong commitment to USC's Unifying Values of integrity, excellence, community, well-being, open communication, and accountability.

SALARY AND BENEFITS

The annual base salary range for this position is $142,601.35 to $177,947.60. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, key skills, internal peer alignment, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.

To support the well-being of our faculty and staff, USC provides benefits-eligible employees with a broad range of perks to help protect their and their dependents' health, wealth, and future. These benefits are available as part of the overall compensation and total rewards package. You can learn more about USC's comprehensive benefits here.

Join the USC cybersecurity team within an environment of innovation and excellence.

Minimum Education: Bachelor's degree
Minimum Certifications: Relevant professional certifications or working towards attainment (e.g., GCIH/GSEC, CISM, CISA, CISSP, CRISC).
Addtional Education Requirements Combined experience/education as substitute for minimum education
Minimum Experience: 4 years in IT, cybersecurity and management.
Minimum Skills: Comprehensive understanding of the cybersecurity landscape (e.g., trends, risks, best practices for risk management). Proficiency in information technology infrastructure and various cybersecurity tools and programs. Demonstrated capacity to communicate security matters to different audiences. Sound analytical and problem-solving skills with an ability to make quick decisions in emergency situations. Experience with operational technology environments and security requirements to secure OT environments. Experience with security audits and compliance with industry security standards and regulations. Strong ethical standards and a solid understanding of privacy laws, confirming confidential information will be handled with integrity.
Preferred Education: Bachelor's degree
Preferred Experience: 7 years in IT, cybersecurity and management.
Preferred Skills: Leadership experience. Project management skills, with experience in planning, implementing, and overseeing security-related projects.