Apply on Employer Site

California State University, Los Angeles · 2 hours ago

Chief Information Security Officer

Los Angeles, CA

Full-time

Onsite

Director/Executive

$6,891/mo - $22,191/mo

8+ years exp

California State University, Los Angeles is a premier public university located in Los Angeles, recognized for its commitment to scholarship and diversity. They are seeking a Chief Information Security Officer (CISO) to oversee and manage the university's information security posture, ensuring compliance with federal, state, and local regulations while protecting the university's information assets from cyber threats.

Education

H1B Sponsor Likely

Responsibilities

Identify risks and IT security and compliance requirements and priorities: Collaborate with executive management to establish acceptable risk profiles, balance security measures with operational needs and business objectives, identify and remediate security-related compliance gaps, establish security and compliance governance processes to ensure security and compliance solutions are appropriate, and resources are allocated based on the priorities of the university business objectives

Protect the information assets and reputation of the university from cyberattacks: Design, implement, and maintain a comprehensive campus-wide information security management program, encompassing policies, procedures, practices, and capabilities to safeguard sensitive data and critical infrastructure. Conduct security awareness program to educate Cal State LA user community to protect themselves from phishing and/or cyberattacks

Detect cyber threats, attacks, system vulnerabilities, and security-related non-compliance issues: Enhance technical capabilities to improve cyber threat detection effectiveness. Develop IT security talents to identify symptoms of cyberattacks. Establish security threat detection processes to monitor cyber risks and vulnerabilities. Lead the assessments and security health check efforts on regulatory compliance mandates including FERPA, PII, GLBA, GDPR, PCI DSS, and HIPAA

Respond to security incidents and cyberattacks: Maintain up-to-date Incident Response Management Plans and improve the university's incident response readiness via CSIRT training and tabletop exercises. Lead the incident response efforts, perform investigation, coordinate remediation activities, and ensure effective communication with stakeholders during and after security breaches or cyberattacks. Collect evidence for the cyber incidents to enable post incident activities

Restore disrupted systems and business capabilities after cyber incidents: Coordinate with Infrastructure Team to back up critical systems and sensitive data to enable quick and comprehensive restoration of systems after cyber-attacks or system disruption

Strategic Planning and Prioritization: Actively participate in IT strategic planning initiatives, projects, and resource allocation decisions, prioritizing security investments and aligning cybersecurity strategies with the university's evolving needs

IT Audit Oversight: Oversee IT-related audit responses, ensuring adherence to internal controls, regulatory compliance requirements, and industry best practices

Qualification

Information Security ManagementCybersecurity TechnologiesRisk Management FrameworksIncident Response ManagementSecurity Operations CentersCompliance StandardsData Governance FrameworksVendor ManagementLeadership SkillsCommunication SkillsTeam ManagementContinuous Learning

Required

Bachelor's degree from an accredited four-year college or university in information security, computer science, or a related field

Minimum of 8-10 years of progressive experience in information security, cybersecurity, or a related field

Proven experience in a leadership role, overseeing comprehensive information security programs, and managing security initiatives in a complex organizational environment, preferably in higher education

Demonstrated ability to provide strategic vision and leadership in information security

Strong communication skills with the ability to effectively convey complex security concepts to both technical and non-technical stakeholders

Experience collaborating with executive management and presenting to governing boards

In-depth knowledge of information security principles, cybersecurity technologies, and risk management frameworks

Experience with the implementation and management of security operations centers (SOCs) and security monitoring systems

Familiarity with industry-accepted information security standards, frameworks, and best practices

Expertise in developing, implementing, and maintaining information security policies, procedures, and standards

Experience with information security governance and ensuring compliance with applicable industry standards and governmental regulations

Proven experience leading and managing incident response teams in addressing security breaches and cyberattacks

Strong background in conducting risk assessments and implementing risk management strategies

Experience managing relationships with security-related vendors and overseeing security services

Knowledge of vetting and reviewing security practices and controls of third-party service providers

Familiarity with data governance frameworks and the ability to enforce data classification rules and procedures

Experience with overseeing compliance efforts, including audits and assessments related to FERPA, GLBA, HIPAA, and other relevant regulations

Track record of developing and implementing strategic plans for information security programs

Ability to align information security initiatives with organizational goals

Demonstrated commitment to staying abreast of the latest trends, emerging threats, and best practices in information security

Participation in professional organizations, conferences, and networking events in the cybersecurity field

Experience in leading and developing a diverse team of information security professionals

Ability to foster a collaborative and inclusive team culture

Understanding of legal and regulatory requirements related to information security, particularly in the context of higher education

Preferred

Five (5) or more years of experience in leading teams in a management or leadership role, particularly in a fast-paced, service-oriented environment

Experience working in higher education information technology

Familiar with CSU security and compliance policies and procedures

Familiar with Agile Software Process and Management

Understanding of Cal State LA's mission and values

Commitment to diversity, equity, and inclusion

Benefits

A comprehensive benefits package is provided.

Company

California State University, Los Angeles

Glassdoor3.8

Cal State LA is a public university in Los Angeles, California.

Founded in 1947

Los Angeles, California, USA

1001-5000 employees

http://www.calstatela.edu

H1B Sponsorship

California State University, Los Angeles has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (10)

2024 (8)

2023 (9)

2022 (23)

2021 (8)

2020 (12)

Funding

Current Stage

Late Stage

Total Funding

$1.75M

Key Investors

GettyNASACalifornia Energy Commission

2025-08-20Grant· $0.27M

2023-07-26Grant

2022-12-03Grant· $0.5M

Leadership Team

Marla A. Parker, PhD

Co-Founder of Civic and Social Innovation Group

Anh Hong

Community Partnerships Coordinator

Recent News

Office of Governor California

California Institution for Women celebrates first graduating class from Cal State LA

2025-10-04

San Francisco Chronicle

Trump administration launches probe of alleged antisemitism at CSU system

2025-09-29

PR Newswire

Chaffey College Introduces Journalism Degree Program at California Institution for Men

2025-08-25

Company data provided by crunchbase