Director, Cyber Governance

ABOUT THE DEPARTMENT

The University of Southern California (USC) is advancing its cybersecurity posture with a renewed focus on resilience, cyber risk management, and threat-informed defense. As a world-class research institution, USC is building a culture of security that supports its academic and research mission in a rapidly evolving threat landscape.

This role sits within a newly restructured cybersecurity organization that's leading this transformation. You'll join a team focused on scalable, proactive defense strategies, incident preparedness, and operational excellence-working alongside experts who are deeply committed to service, innovation, and impact.

If you're driven by purpose, thrive in complexity, and want to help shape the future of cybersecurity at a leading university, we invite you to bring your leadership to the table.

POSITION SUMMARY

As the Director, Cyber Governance you will be an integral leader of the cybersecurity department while also collaborating with stakeholders across the university ecosystem, and reporting to the Chief Information Security Officer. This is a full-time exempt position, eligible for all of USC's fantastic Benefits + Perks. This opportunity is hybrid.

The Director, Cyber Governance oversees execution of responsibilities of the InfoSec Officers managers and governance training and performance manager. Accountable for university's security training and awareness, cybersecurity governance, and reporting of security metrics. Manages relationships with key stakeholders across the university.

The Director, Cyber Governance will:

• Oversees the management of the team's operations, allowing that the procedures, resources, and services provided effectively support staff, faculty and student success and align with university goals.

• Oversees planning, budgeting and directing.

• Provides oversight of metrics gathering and reporting across the cybersecurity domains and monitoring the effectiveness of the cybersecurity function.

• Determines alignment to defined industry standard frameworks along with any university established frameworks in an effort to monitoring continuous improvement of services and capabilities within the function.

• Directs the development, delivery, and approval coordination of security training and campaign materials across university business functions. Manages the policy, standards and policy exceptions management process. Coordinates and collaborates with professional and managed service teams across the cybersecurity function.

• Oversees and directs Information Security Officers team and foster collaboration with university stakeholders on cross-functional cybersecurity engagement.

• Defines the roles and responsibilities of individuals and teams involved in cybersecurity governance (e..g, establishing of a governance committee/board to oversee cybersecurity initiatives).

• Serves as a representative on governance councils where applicable.

• Provides security risk management consulting and structure from a cyber governance perspective for key stakeholders across the university.

• Manages integration and alignment of security initiatives within the business objectives.

• Accountable for all aspects of staff management, (e.g., hiring, coaching, training, performance reviews, pay actions, and promotions within the Cyber Governance organization). Provides technical leadership and mentorship to ensure a high performing Cyber Governance team.

• Encourages a workplace culture where all employees are valued, value others and have the opportunity to contribute through their ideas, words and actions, in accordance with the USC Code of Ethics.

MINIMUM QUALIFICATIONS

Great candidates for the position of Director, Cyber Governance will meet the following qualifications:

• 10 years of experience in governance, risk and compliance, team management and security frameworks.

• A bachelor's degree in information science or computer science or computer engineering or in related field(s); or combined experience/education as substitute for minimum education.

• In-depth knowledge of industry standards, regulations, and new industry developments/trends (e.g., ISO 27001, NIST CSF).

PREFERRED QUALIFICATIONS

Exceptional candidates for the position of Director, Cyber Governance will also bring the following qualifications or more:

• 15 years of related experience.

• Ability to gain government and/or university security clearance (as required).

• Understanding and technical knowledge of key cybersecurity governance concepts (e.g., security training/awareness, policy management) and key security risk management concepts (e.g., cybersecurity consulting, third-party management, software security, security architecture).

• Experience with formation/execution of cybersecurity governing bodies to support broader cybersecurity efforts in an enterprise environment.

• Demonstrated management skills (e.g., ability to coach, mentor and effectively communicate with personnel, up to C-level).

• Ability to coordinate and work efficiently with managed and professional service teams

• Relevant experience in large or university-like federated enterprises, with the ability to provide consulting guidance and build relationships within university schools, units, and hospitals.

• Ability to design, evaluate, and continually improve security functions and review processes.

• Possesses strong management skills (e.g., delegation, provision of clear implementation guidance).

• Proficient in executing and managing Governance and Risk Management (GRM) technologies and processes.

• Ability to balance multiple responsibilities, demonstrate strong problem-solving skills and possesses a customer centric mindset.

In addition, the successful candidate must also demonstrate, through ideas, words and actions, a strong commitment to USC's Unifying Values of integrity, excellence, community, well-being, open communication, and accountability.

SALARY AND BENEFITS

The annual base salary range for this position is $245,892.64 to $271,657.61. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, key skills, internal peer alignment, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.

To support the well-being of our faculty and staff, USC provides benefits-eligible employees with a broad range of perks to help protect their and their dependents' health, wealth, and future. These benefits are available as part of the overall compensation and total rewards package. You can learn more about USC's comprehensive benefits here.

Join the USC cybersecurity team within an environment of innovation and excellence.

Minimum Education: Bachelor's degree In Computer Science Or Computer Information Systems Or Cyber Security Or in related field(s)
Addtional Education Requirements Combined experience/education as substitute for minimum education
Minimum Experience: 10 years in governance, risk and compliance, team management and security frameworks.
Minimum Skills: In-depth knowledge of industry standards, regulations, and new industry developments/trends (e.g., ISO 27001, NIST CSF).
Preferred Education: Master's degree In Computer Science Or MBA
Preferred Certifications: Cyber certification (e.g., CISSP, GIAC, CISM).
Preferred Experience: 15 years
Preferred Skills: Ability to gain government and/or university security clearance (as required). Understanding and technical knowledge of key cybersecurity governance concepts (e.g., security training/awareness, policy management) and key security risk management concepts (e.g., cybersecurity consulting, third-party management, software security, security architecture). Experience with formation/execution of cybersecurity governing bodies to support broader cybersecurity efforts in an enterprise environment. Demonstrated management skills (e.g., ability to coach, mentor and effectively communicate with personnel, up to C-level). Ability to coordinate and work efficiently with managed and professional service teams Relevant experience in large or university-like federated enterprises, with the ability to provide consulting guidance and build relationships within university schools, units, and hospitals. Ability to design, evaluate, and continually improve security functions and review processes. Possesses strong management skills (e.g., delegation, provision of clear implementation guidance). Proficient in executing and managing Governance and Risk Management (GRM) technologies and processes. Ability to balance multiple responsibilities, demonstrate strong problem-solving skills and possesses a customer-centric mindset.