Deputy Chief Information Security Officer
University of Southern CaliforniaDeputy Chief Information Security Officer (Deputy CISO)
University of Southern California – USC Office of Cybersecurity
The University of Southern California is seeking a seasoned cybersecurity leader to serve as the Deputy Chief Information Security Officer (Deputy CISO) within the USC Office of Cybersecurity. Reporting to the Chief Information Security Officer (CISO), the Deputy CISO provides enterprise leadership for cybersecurity governance and cross-functional oversight of critical cybersecurity domains across the university.
This role is responsible for advancing USC’s cybersecurity strategy through governance, risk management, and operational coordination across the institution’s diverse academic, research, and administrative environments. The Deputy CISO will lead cybersecurity governance functions and collaborate closely with Information Security Officers and university leadership to strengthen cyber risk management and expand cybersecurity capabilities across departments, schools, and units.
The Deputy CISO serves as the primary delegate to the CISO, assuming full decision-making authority in their absence and acting as a strategic advisor and potential successor to ensure continuity of cybersecurity leadership and execution of enterprise security objectives.
Applications will be accepted until the position is filled. For full consideration, please submit materials by the priority deadline of April 1, 2026.
Key Responsibilities include the following:
Lead and oversee the Cyber Governance function, including cybersecurity training and awareness, cyber performance management, and policy management programs.
Provide cross-functional oversight of key cybersecurity domains, including Identity & Access Management (IAM), Cybersecurity Architecture & Engineering, and Cyber Defense.
Partner with Information Security Officers and stakeholders across departments, schools, and research units to coordinate cybersecurity initiatives and risk management activities across the university.
Support and help drive strategic cybersecurity initiatives, ensuring alignment with the university’s mission, research priorities, and operational needs.
Oversee the development, implementation, and enforcement of cybersecurity policies, standards, and best practices across the enterprise.
Strengthen and expand cybersecurity capabilities, tools, and processes that enhance protection of university systems, data, and research assets.
Lead and mentor cybersecurity teams, fostering collaboration, professional growth, and operational excellence.
Manage resources effectively, including oversight of budgets, staffing, and prioritization of cybersecurity initiatives.
Ensure alignment with leading security frameworks, regulatory requirements, and industry standards (e.g., NIST, ISO 27001, FERPA, HIPAA).
Serve as a trusted strategic advisor to the CISO and university leadership on cybersecurity risk, governance, and emerging threats.
Assume full operational leadership of cybersecurity functions in the absence of the CISO, ensuring continuity of leadership and enterprise security operations.
Performing other related responsibilities as requested and when necessary. The university reserves the right to add or change duties at any time.
Minimum Qualifications:
Bachelor’s degree within Information Science, Computer Information Systems, Cyber Security or related field(s)
10 years’ experience in governance, risk and compliance, team management and security frameworks
Relevant cyber certification such as CISSP, GIAC, CISM.
Demonstrated ability to align security initiatives with institutional objectives.
Strong ability to coordinate cybersecurity efforts across diverse departments, schools, and research units.
Experience in developing, implementing, and enforcing cybersecurity policies, standards, and best practices in a complex organizational environment.
Comprehensive understanding of cybersecurity frameworks (e.g., NIST, ISO 27001), data protection regulations (e.g., FERPA, HIPAA), and risk mitigation strategies.
Demonstrated ability to lead, mentor, and manage cybersecurity professionals, oversee budgets, and allocate resources effectively.
Preferred Qualifications:
MBA or master’s degree in computer science or related field(s)
15 years’ experience in governance, risk and compliance, team management and security frameworks
In-depth knowledge of industry standards, regulations, and new industry developments/trends.
Ability to gain government and/or university security clearance (as required).
Demonstrated experience with managing a GRC (Governance, Risk, and Controls) technology platform.
Experience with defining requirements and use cases to enable and automate manual processes via technology platforms within Cyber Risk Management, Cyber Risk Quantification, Cyber Issue Management, Exception Reporting, etc.
Strong documentation skills related to process workflow creation within the GRC and cyber risk management focus areas.
Demonstrated track record of strategic leadership in a higher education or a similar environment and/or extensive experience in program development, performance management, and educational administration.
Demonstrated ability to successfully manage a team, foster collaboration, and navigate complex situations.
Excellent communication, problem-solving and decision-making skills.
Demonstrated ability to lead change and innovation within an organization.
Ability to navigate the university's complexity, along with negotiation skills to garner support from multiple stakeholders.
Knowledge and experience in employing project management methodologies, strategic planning processes and performance measurement systems.
Required Documents and Additional Information
Both a resume and cover letter are preferred (may be uploaded as one file). Please do not submit your application without these documents.
The budgeted salary range for this position is $291,169 - $385,000. When extending an offer of employment, the University of Southern California considers factors such as the scope and responsibilities of the position, the candidate’s work experience, education/training, key skills, internal peer alignment, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.
To support faculty and staff well-being, USC provides benefits-eligible employees with a broad range of benefits and perks to help protect their and their dependents’ health, wealth, and future. These benefits are available as part of the overall compensation and total rewards package.
Minimum Education:Bachelor's degree
Minimum Experience:
10 years
Minimum Skills:
Bachelor’s degree in IT, computer science, or related fields.
Ten years’ experience in IT, information security, privacy and risk management across all domains.
Experience developing and managing relevant products and services (e.g., EDR/XDR, Cloud security tools, file integrity monitoring, information security configuration, data security platforms, CASB, DLP, IDS/IPS, firewalls).
Extensive experience with relevant regulatory requirements (e.g., GLBA, PCI, FERPA, HIPAA).
Excellent understanding of security controls frameworks (e.g., CIS Top20, NIST CSF, 800-53).
Extensive experience defining and deploying security hardening guidelines.
Proven subject matter expertise in different technology stacks (e.g., OS, system, network, application).
Excellent leadership and people management skills.
Proven understanding of CIS benchmarks and customer service metrics.
Experience managing different operating systems and configuration standards.
Ability to plan, organize and document complex system design activities.
Excellent written and oral communication skills, able to interact with a broad spectrum of people on a technical and professional level to share complex information.
Proven analytical, consulting and problem-solving skills, with exceptional attention to detail.
Excellent organizational skills and proven ability to manage multiple projects and priorities simultaneously.
Ability to manage, teach and train others.
Experience with database administration, access management and systems/data backup, storage and recovery.
Preferred Education:
Master's degree
Preferred Experience:
12 years
Preferred Skills:
Master’s degree in IT, computer science, or related fields.
Twelve years’ experience implementing and managing governance, risk, and compliance technologies and supporting processes.
Extensive experience working in regulatory environments and in large/federated enterprises.
Experience in higher education.
USC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other characteristic protected by law or USC policy. USC observes affirmative action obligations consistent with state and federal law. USC will consider for employment all qualified applicants with criminal records in a manner consistent with applicable laws and regulations, including the Los Angeles County Fair Chance Ordinance for employers and the Fair Chance Initiative for Hiring Ordinance, and with due consideration for patient and student safety. Please refer to the Background Screening Policy Appendix D for specific employment screen implications for the position for which you are applying.
We provide reasonable accommodations to applicants and employees with disabilities. Applicants with questions about access or requiring a reasonable accommodation for any part of the application or hiring process should contact USC Human Resources by phone at (213) 821-8100, or by email at uschr@usc.edu. Inquiries will be treated as confidential to the extent permitted by law.
- Notice of Non-discrimination
- Employment Equity
- Read USC’s Clery Act Annual Security Report
- USC is a smoke-free environment
- Digital Accessibility
If you are a current USC employee, please apply to this USC job posting in Workday by copying and pasting this link into your browser:
https://wd5.myworkday.com/usc/d/inst/1$9925/9925$143654.htmld