The University of Southern California's (USC's) Institute for Creative Technologies (ICT) is seeking a highly skilled Information Systems Security Officer (ISSO) to join our team. The ISSO will report to the CIO and play a crucial role in ensuring the security of our information systems by coordinating, implementing, and enforcing information security policies. The successful candidate will serve as a liaison between various departments and our Information Security Strategy team, contributing to the overall security posture of the organization.

Key Responsibilities:

• Act as a liaison between assigned areas and Information Security Strategy team.
• Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
• Perform analysis to identify critical data, assets, and processes within the assigned area.
• Recommend logging/monitoring rules and provide configuration management support for information system security software, hardware, and firmware.
• Review the quality of threat intelligence information and provide constructive feedback to improve security measures.
• Communicate and translate information security policies, standards, and procedure requirements, serving as a subject matter resource for university policies and standards.
• Support the management and remediation of information security risks.
• Assist with regulatory compliance assessments, security risk assessments, findings analysis, and remediation.
• Support the implementation and communication of security training and awareness activities.
• Train individuals within the assigned area on how to incorporate security into job functions and processes.
• Track and remediate compliance tasks related to foundational security framework requirements outlined by the Department of Defense.
• Provide oversight of the overall endpoint security program, including vulnerability management, endpoint detection and response, and security baseline configuration tracking.
• Support the design, configuration, and implementation of baseline configurations across all technology components, both in the "system" and cloud environments, as per DFARS and CMMC Level 1 and Level 2 requirements.
• Assist in creating, managing, and updating all security compliance documentation, including System Security Plans, Roles and Responsibilities matrices, general security documentation, informational guides, as well as local unit policies and standards.

Qualifications:

• Bachelor's degree in information technology, Computer Science, or related field.
• Certified Information Systems Security Professional (CISSP) certification preferred.
• Minimum of 5 years of experience in information security or related field.
• Strong understanding of information security principles, practices, and technologies, including the relationship between threat, vulnerability, and information value in the context of risk management.
• Understanding and working knowledge of information security fundamentals and concepts.
• Experience with regulatory compliance assessments and security risk management.
• Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.
• Proven track record of working with diverse teams and stakeholders to achieve common security goals.
• Ability to adapt to changing security landscapes and prioritize tasks in a dynamic environment.
• Attention to detail and strong analytical skills, with the ability to identify and mitigate security risks effectively.
• Demonstrated commitment to ongoing professional development and staying current with industry trends and best practices.
• Strong analytical thinking, strong decision-making skills, and the ability to effectively communicate with individuals at all levels.
• Experience in designing, evaluating, and documenting processes and leading teams in accomplishing process review and improvement.

Certifications (Preferred):

• Certified Information Systems Security Professional (CISSP)
• Cisco Certified Network Associate (CCNA)
• Cisco Certified Entry Networking Technician (CCENT)
• GIAC Security Essentials (GSEC)
• Microsoft Certified Solutions Associate (MCSA)
• Certified Information Security Manager (CISM)

The annual base salary range for this position is $147,000 to $166,000. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, key skills, internal peer equity, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.

The University of Southern California's Institute for Creative Technologies (ICT) is an off-campus research facility, located on a creative business campus in the "Silicon Beach" neighborhood of Playa Vista. ICT is revolutionizing training through the development of immersive learning environments. We are the leaders in producing virtual humans, computer training simulations, computer graphics and immersive experiences for decision-making, cultural awareness, leadership, and health. The atmosphere at ICT is informal and flexible, while also encouraging initiative, personal responsibility, and a strong work ethic. We find ICT to be an exciting place to work and expect you will too.

Minimum Education: Bachelor's degree Addtional Education Requirements Combined experience/education as substitute for minimum education Minimum Experience: 5 years Minimum Skills: Strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management. Understanding and working knowledge of information security fundamentals and concepts. Strong analytical thinking, strong decision-making skills and the ability to effectively communicate with individuals at all levels. Experience in designing, evaluating and documenting processes and leading teams in accomplishing process review and improvement. Preferred Education: Bachelor's degree Preferred Certifications: Certified Information Systems Security Professional (CISSP) Cisco Certified Network Associate (CCNA) Cisco Certified Entry Networking Technician (CCENT) GIAC Security Essentials (GSEC) Microsoft Certified Solutions Associate (MCSA) Certified Information Security Manager (CISM) Preferred Experience: 8 years