Manager, Cyber Defense

ABOUT THE DEPARTMENT

The University of Southern California (USC) is advancing its cybersecurity posture with a renewed focus on resilience cyber risk management and threat-informed defense. As a world-class research institution USC is building a culture of security that supports its academic and research mission in a rapidly evolving threat landscape.

This role sits within a newly restructured cybersecurity organization thats leading this transformation. Youll join a team focused on scalable proactive defense strategies incident preparedness and operational excellenceworking alongside experts who are deeply committed to service innovation and impact.

If youre driven by purpose thrive in complexity and want to help shape the future of cybersecurity at a leading university we invite you to bring your leadership to the table.

POSITION SUMMARY

As the Manager Cyber Defense you will be an integral leader of the cybersecurity department while also collaborating with stakeholders across the university ecosystem and reporting to the Director Cyber Defense. This is a full-time exempt position eligible for all of USCs fantastic Benefits Perks. This opportunity is remote.

The Manager Cyber Defense manages and supports the Cyber Defense program under the guidance of the Cyber Defense Director ensuring the continuity of the universitys education and research missions without disruption from cybersecurity threats. Leads day-to-day operations of the universitys Security Operations Center (SOC) with responsibility for threat detection security monitoring incident response and frontline analyst oversight. Ensures that tooling workflows and metrics align with enterprise risk and threat intelligence priorities. Works cross-functionally with endpoint IAM cloud CTI OT and vendor teams to improve alert fidelity accelerate containment and uphold cybersecurity standards and service levels. Leads incident response and mitigation efforts and ensures that standard operating procedures are defined tracked and met throughout.

The Manager Cyber Defense will:

• Manages and supports the Cyber Defense program under the guidance of the Cyber Defense Director. Assists executive leadership in developing and enhancing Cyber Defense capabilities by leveraging expertise in various aspects of the Cyber Defense landscape. Plans budgets and directs Cyber Defense activities to ensure alignment with organizational goals and cybersecurity strategies. Oversees the day-to-day operations of the Cyber Defense function ensuring alignment with cybersecurity strategies and goals.

• Oversees day-to-day SOC operations and staff including triage escalation and response activities across a range of cybersecurity incidents. Owns the lifecycle of SIEM and EDR use cases including detection rule development tuning for false positives and validation against threat intelligence. Develops and implements security monitoring policies procedures standards and clearly defined roles and responsibilities. Identifies opportunities to enhance threat intelligence and security monitoring coverage. Sets monitoring expectations and goals in alignment with the universitys cybersecurity strategy. Tracks and reports potential security violations ensuring compliance with cybersecurity standards.

• Supports and manages the universitys Incident Response (IR) program ensuring all IR activities align with the universitys IR Plan. Leads internal investigations of security incidents and responds to cybersecurity events. Collaborates with legal compliance and regulatory teams to address forensic issues and risks associated with security incidents. Works closely with managed service providers to enhance cybersecurity incident response and mitigation efforts.

• Delivers regular operational reports to senior leadership summarizing activity trends performance and key risk indicators. Generates and maintains reports on security monitoring efforts security status and incident response effectiveness. Ensures compliance with cybersecurity policies regulations and industry standards. Supports and manages the systems and programs that monitor the universitys assets network and data ensuring the prevention of events that negatively impact confidentiality availability and integrity.

• Participates in staff management activities (e.g. hiring coaching training performance reviews pay actions and promotions). Offers recommendations to leadership on security monitoring and incident response strategies based on informed analysis.

• Helps set security monitoring expectations and goals that support the universitys cybersecurity strategy. Implements or assists in coordinating the implementation of security monitoring policies procedures standards and roles and responsibilities. Seeks opportunities to improve threat intelligence and security monitoring coverage. Manages operational metrics and KPIs including MTTR detection coverage alert volume and false positive rates.

• Maintains awareness and knowledge of current changes within legal regulatory and technology environments which may affect operations. Encourages a workplace culture where all employees are valued value others and have the opportunity to contribute through their ideas words and actions in accordance with the USC Code of Ethics.

MINIMUM QUALIFICATIONS

Great candidates for the position of Manager Cyber Defense will meet the following qualifications:

• 5 years in key Cyber Defense areas (e.g. incident response security monitoring cyber threat intelligence attack surface and vulnerability management).

• A Bachelors degree or combined experience/education as substitute for minimum education.

• In-depth knowledge of industry standards regulations and new industry developments/trends.

• Ability to interface with teams across the CISO Office and ITS such as Enterprise and Infrastructure Services and across USC IT teams

• Thorough understanding of technology tools policies and standards related to security systems and incident response.

• Understanding and technical knowledge of Cyber Defense concepts (e.g. incident response security monitoring cyber threat intelligence attack surface and vulnerability management).

• Strong leadership and people management skills.

• Solid technical knowledge and troubleshooting skills.

• Ability to work effectively in high-stress situations and in managing crisis situations.

• Skilled in communicating with a diverse range of stakeholders and business partners especially in high-stress or crisis situations.

• Knowledge of customer service performance metrics.

• Experience in the management and/or implementation of security monitoring anti-malware and vulnerability management technologies.

• Strong understanding of detection frameworks (MITRE ATT&CK D3FEND) SIEM and EDR operations and playbook development.

• Experience with Chronicle ThreatQ Proofpoint SentinelOne and related security technologies.

• Experience managing third-party security service providers.

• CISSP certification.

• ITIL Certified.

• The role requires participation in emergency response activities after-hours escalations and incident postmortems as needed.

PREFERRED QUALIFICATIONS

Exceptional candidates for the position of Manager Cyber Defense will also bring the following qualifications or more:

• 7 years of relevant experience.

• One or more relevant GIAC certifications (e.g. Security Essentials GSEC Certified Perimeter Protection Analyst GPPA Certified Enterprise Defender GCED).

In addition the successful candidate must also demonstrate through ideas words and actions a strong commitment to USCs Unifying Values of integrity excellence community well-being open communication and accountability.

SALARY AND BENEFITS

The annual base salary range for this position is $184219.18 to $223110.07. When extending an offer of employment the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position the candidates work experience education/training key skills internal peer alignment federal state and local laws contractual stipulations grant funding as well as external market and organizational considerations.

To support the well-being of our faculty and staff USC provides benefits-eligible employees with a broad range of perks to help protect their and their dependents health wealth and future. These benefits are available as part of the overall compensation and total rewards package. You can learn more about USCs comprehensive benefits here.

Join the USC cybersecurity team within an environment of innovation and excellence.

USC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin protected veteran status disability or any other characteristic protected by law or USC policy. USC observes affirmative action obligations consistent with state and federal law. USC will consider for employment all qualified applicants with criminal records in a manner consistent with applicable laws and regulations including the Los Angeles County Fair Chance Ordinance for employers and the Fair Chance Initiative for Hiring Ordinance and with due consideration for patient and student safety. Please refer to theBackground Screening Policy Appendix Dfor specific employment screen implications for the position for which you are applying.

We provide reasonable accommodations to applicants and employees with disabilities. Applicants with questions about access or requiring a reasonable accommodation for any part of the application or hiring process should contact USC Human Resources by phone at or by email at. Inquiries will be treated as confidential to the extent permitted by law.

• Notice of Non-discrimination
• Employment Equity
• Read USCs Clery Act Annual Security Report
• USC is a smoke-free environment
• Digital Accessibility

If you are a current USC employee please apply to thisUSC job posting in Workday by copying and pasting this link into your browser: