Manager, Cyber Governance, Training, and Performance

About The Position

Requirements

• 5 years of experience in governance, risk and compliance, team management and security frameworks.
• A bachelor’s degree in information science or computer science or computer engineering or in related field(s); or combined experience/education as substitute for minimum education.
• Demonstrated experience in policy development and cybersecurity training.
• Extensive knowledge of university standards and regulatory requirements.
• In-depth knowledge of industry standards, regulations, and new industry developments/trends.
• Demonstrated leadership, interpersonal, organizational, critical thinking and analytical skills.
• Advanced judgment, analytical, and decision-making skills.
• Ability to develop analytics from multiple streams of data, interpret trends, develop persuasive recommendations, and present information to varied audiences for the purpose of improving risk management strategies.
• Excellent written and oral communication skills, and an exemplary attention to detail.
• Ability to manage complex, high-performing teams, fostering an environment of trust, collaboration, transparency and accountability.
• Demonstrated knowledge of risk management principles and best practices.
• Proven ability to develop and deliver effective training programs for a broad range of IT and/or business professionals.
• Demonstrated instructional design experience and knowledge of adult learning principles.
• Experience developing web- and computer-based training courses using authoring tools and software (e.g., Adobe Captivate).
• Cyber certification (e.g., CISSP, CISM, and/or equivalent certifications).

Nice To Haves

• 5 years of experience in governance, risk and compliance, team management and security frameworks.
• An MBA or master's degree in computer science.
• Ability to present ideas and solutions in non-technical, user-friendly terms and translate complex ethical, legal and compliance concepts.
• Demonstrated understanding of cyber threat landscape and interplay with business strategic efforts.
• Strong understanding of industry standards, regulations, and security frameworks
• Demonstrated experience with metrics, reporting, and stakeholder training
• In addition, the successful candidate must also demonstrate, through ideas, words and actions, a strong commitment to USC’s Unifying Values of integrity, excellence, community, well-being, open communication, and accountability.

Responsibilities

• Leads cybersecurity governance across the university, IT, and various departments, schools, and units (DSUs).
• Assists with developing the strategic direction of university cybersecurity efforts.
• Identifies strategic opportunities and challenges and supports the development of initiatives that enhance the university's cybersecurity posture.
• Oversees training for the university community (e.g., students, faculty, staff) to protect themselves against cybersecurity threats, fostering a culture of security awareness.
• Leads the development and implementation of training programs and awareness campaigns aimed at educating the university community about cybersecurity, threats, and best practices (e.g., phishing, password management, secure internet usage).
• Develops and oversees implementation of training materials.
• Ensures that training programs are updated regularly to reflect the latest cybersecurity threats and trends.
• Collaborates with key ITS and external stakeholders to develop holistic standards and strategies for events, councils, and campus-wide initiatives.
• Facilitates collaboration across departments and ensures that cybersecurity considerations are integrated into all aspects of the university's operations.
• Manages relationships with essential stakeholders within IT, academic, and operational areas.
• Serves as a representative on governance councils where applicable.
• Establishes and maintains KPIs and metrics to measure the effectiveness of cybersecurity initiatives and implement continuous improvement.
• Serves as the primary lead for carrying out measurements, evaluations, and assessments to measure effectiveness of cybersecurity efforts; develops and produces related reports and documentation.
• Oversees the development of evaluation frameworks for training activities, measuring impact and effectiveness to facilitate continuous improvements and ensure optimal impact.
• Performs needs assessments to determine the appropriate mix of training courses for different stakeholder groups, in consultation with project teams.
• Implements and maintains cybersecurity best practices across ITS, IT and DSUs.
• Ensures that cybersecurity policies, procedures, and standards are aligned with university strategic objectives and compliance requirements.
• Work with key ITS and external stakeholders to develop holistic standards and strategies for events, councils, and campus-wide initiatives.
• Encourages a workplace culture where all employees are valued, value others and have the opportunity to contribute through their ideas, words and actions, in accordance with the USC Code of Ethics.