Manager, Cyber Governance, Training, and Performance

ABOUT THE DEPARTMENT

The University of Southern California (USC) is advancing its cybersecurity posture with a renewed focus on resilience, cyber risk management, and threat-informed defense. As a world-class research institution, USC is building a culture of security that supports its academic and research mission in a rapidly evolving threat landscape.

This role sits within a newly restructured cybersecurity organization that’s leading this transformation. You’ll join a team focused on scalable, proactive defense strategies, incident preparedness, and operational excellence—working alongside experts who are deeply committed to service, innovation, and impact.

If you’re driven by purpose, thrive in complexity, and want to help shape the future of cybersecurity at a leading university, we invite you to bring your leadership to the table.

POSITION SUMMARY

As the Manager, Cyber Governance, Training, and Performance you will be an integral leader of the cybersecurity department while also collaborating with stakeholders across the university ecosystem, and reporting to the Cyber Governance Director.  This is a full-time exempt position, eligible for all of USC’s fantastic Benefits + Perks.  This opportunity is remote. 

The Manager, Cyber Governance, Training, and Performance leads cybersecurity governance across the university, IT, and various departments, schools, and units (DSUs). Assists with developing the strategic direction of university cybersecurity efforts. Oversees training and awareness efforts for university community, including, but not limited to, students, faculty, and staff to protect themselves against cybersecurity threats. Establishes and maintains key performance indicators (KPIs) and metrics to measure the effectiveness of cybersecurity initiatives. Implements and maintains cybersecurity best practices, performs needs assessments, and evaluates effectiveness of cybersecurity efforts; develops and produces related reports and governance materials.

The Manager, Cyber Governance, Training, and Performance will:

• Leads cybersecurity governance across the university, IT, and various departments, schools, and units (DSUs). Assists with developing the strategic direction of university cybersecurity efforts. Identifies strategic opportunities and challenges and supports the development of initiatives that enhance the university's cybersecurity posture.

•  Oversees training for the university community (e.g., students, faculty, staff) to protect themselves against cybersecurity threats, fostering a culture of security awareness. Leads the development and implementation of training programs and awareness campaigns aimed at educating the university community about cybersecurity, threats, and best practices (e.g., phishing, password management, secure internet usage). Develops and oversees implementation of training materials. Ensures that training programs are updated regularly to reflect the latest cybersecurity threats and trends.

•  Collaborates with key ITS and external stakeholders to develop holistic standards and strategies for events, councils, and campus-wide initiatives. Facilitates collaboration across departments and ensures that cybersecurity considerations are integrated into all aspects of the university's operations. Manages relationships with essential stakeholders within IT, academic, and operational areas. Serves as a representative on governance councils where applicable.

•  Establishes and maintains KPIs and metrics to measure the effectiveness of cybersecurity initiatives and implement continuous improvement. Serves as the primary lead for carrying out measurements, evaluations, and assessments to measure effectiveness of cybersecurity efforts; develops and produces related reports and documentation.

• Oversees the development of evaluation frameworks for training activities, measuring impact and effectiveness to facilitate continuous improvements and ensure optimal impact. Performs needs assessments to determine the appropriate mix of training courses for different stakeholder groups, in consultation with project teams.

• Implements and maintains cybersecurity best practices across ITS, IT and DSUs. Ensures that cybersecurity policies, procedures, and standards are aligned with university strategic objectives and compliance requirements. Work with key ITS and external stakeholders to develop holistic standards and strategies for events, councils, and campus-wide initiatives.

•  Encourages a workplace culture where all employees are valued, value others and have the opportunity to contribute through their ideas, words and actions, in accordance with the USC Code of Ethics.

MINIMUM QUALIFICATIONS

Great candidates for the position of Manager, Cyber Governance, Training, and Performance will meet the following qualifications:

• 5 years of experience in governance, risk and compliance, team management and security frameworks.

• A bachelor’s degree in information science or computer science or computer engineering or in related field(s); or combined experience/education as substitute for minimum education.

• Demonstrated experience in policy development and cybersecurity training.

• Extensive knowledge of university standards and regulatory requirements.

• In-depth knowledge of industry standards, regulations, and new industry developments/trends.

• Demonstrated leadership, interpersonal, organizational, critical thinking and analytical skills.

• Advanced judgment, analytical, and decision-making skills.

• Ability to develop analytics from multiple streams of data, interpret trends, develop persuasive recommendations, and present information to varied audiences for the purpose of improving risk management strategies.

• Excellent written and oral communication skills, and an exemplary attention to detail.

• Ability to manage complex, high-performing teams, fostering an environment of trust, collaboration, transparency and accountability.

• Demonstrated knowledge of risk management principles and best practices.

• Proven ability to develop and deliver effective training programs for a broad range of IT and/or business professionals.

• Demonstrated instructional design experience and knowledge of adult learning principles.

• Experience developing web- and computer-based training courses using authoring tools and software (e.g., Adobe Captivate).

• Cyber certification (e.g., CISSP, CISM, and/or equivalent certifications).

PREFERRED QUALIFICATIONS

Exceptional candidates for the position of Manager, Cyber Governance, Training, and Performance will also bring the following qualifications or more:

• 5 years of experience in governance, risk and compliance, team management and security frameworks.

• An MBA or master's degree in computer science.

• Ability to present ideas and solutions in non-technical, user-friendly terms and translate complex ethical, legal and compliance concepts.

• Demonstrated understanding of cyber threat landscape and interplay with business strategic efforts.

• Strong understanding of industry standards, regulations, and security frameworks

• Demonstrated experience with metrics, reporting, and stakeholder training

In addition, the successful candidate must also demonstrate, through ideas, words and actions, a strong commitment to USC’s Unifying Values of integrity, excellence, community, well-being, open communication, and accountability.

SALARY AND BENEFITS

The annual base salary range for this position is $159,914.79 to $189,911.02. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate’s work experience, education/training, key skills, internal peer alignment, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.

To support the well-being of our faculty and staff, USC provides benefits-eligible employees with a broad range of perks to help protect their and their dependents’ health, wealth, and future. These benefits are available as part of the overall compensation and total rewards package. You can learn more about USC’s comprehensive benefits here.

Join the USC cybersecurity team within an environment of innovation and excellence.

Minimum Education: Bachelor's degree In Computer Science Or Information System Management - Network Management Or Cyber Security Or in related field(s) Minimum Certifications: Cyber certification (e.g., CISSP, CISM, and/or equivalent certifications) Addtional Education Requirements Combined experience/education as substitute for minimum education Minimum Experience: 5 years in governance, risk and compliance, team management and security frameworks. Addtional Experience Requirements Combined experience/education as substitute for minimum work experience Minimum Skills: Demonstrated experience in policy development and cybersecurity training. Extensive knowledge of university standards and regulatory requirements. In-depth knowledge of industry standards, regulations, and new industry developments/trends. Demonstrated leadership, interpersonal, organizational, critical thinking and analytical skills. Advanced judgment, analytical, and decision-making skills. Ability to develop analytics from multiple streams of data, interpret trends, develop persuasive recommendations, and present information to varied audiences for the purpose of improving risk management strategies. Excellent written and oral communication skills, and an exemplary attention to detail. Ability to manage complex, high-performing teams, fostering an environment of trust, collaboration, transparency and accountability. Demonstrated knowledge of risk management principles and best practices. Proven ability to develop and deliver effective training programs for a broad range of IT and/or business professionals. Demonstrated instructional design experience and knowledge of adult learning principles. Experience developing web- and computer-based training courses using authoring tools and software (e.g., Adobe Captivate). Preferred Education: MBA Or Master's degree In Computer Science Preferred Experience: 7 years in governance, risk and compliance, team management and security frameworks. Preferred Skills: Ability to present ideas and solutions in non-technical, user-friendly terms and translate complex ethical, legal and compliance concepts. Demonstrated understanding of cyber threat landscape and interplay with business strategic efforts.