42 Information Security jobs in Anaheim
Enterprise Security Architect
Job Description
In order to be considered for this role, after clicking "Apply Now" above and being redirected, you must fully complete the application process on the follow-up screen. Company Information For more than 20 years, AEG has played a pivotal role in transforming sports and live entertainment. Annually, we host more than 160 million guests, promote more than 10,000 shows and present more than 22,000 events around the world. We are committed to innovation, artistry, and community, and leverage the power of our 300+ venues, leading sports franchises, marquee music brands, integrated entertainment districts, premier ticketing platform and global sponsorship activations, to create memorable moments that give the world reason to cheer. Our business is interwoven with the human mind and heart, and we strive to build a diverse and inclusive company that reflects the artists, athletes, and fans that we host; reach beyond traditional boundaries to support the communities in which we operate; and minimize our impact on the environment by adopting sustainable practices throughout our business you want to be challenged to up your game and make a difference, then join us in giving the world reason to cheer! Job Summary The Enterprise Security Architect (SA) is responsible for designing and implementing secure architectures that align with business objectives and reduce risk, reporting directly to the Chief Information Security Officer (CISO). This role collaborates across functions, including Global Enterprise Services, Infrastructure, Application Development, Legal, Compliance, and Security Operations, to embed security standards into enterprise technology solutions. Essential Functions Secure Architecture Design: Define and maintain enterprise-wide security architecture standards and blueprints across infrastructure, cloud, endpoint, and application layers.
Ensure solutions are securely designed and aligned with business goals, regulatory requirements, and the CISO's strategic objectives. Solution Reviews and Advisory : Provide expert guidance during solution design and implementation. Lead threat modeling, architecture reviews, and risk assessments as part of technical intake and governance processes. Cross-Functional Engagement : Serve as the security subject matter expert within project teams. Partner with Global Enterprise Services, Infrastructure, Application Development, and PMO to ensure secure integration and alignment of technical requirements. Security Standards and Frameworks : Develop and maintain reference architectures, secure configuration standards, and solution patterns. Ensure consistency with frameworks such as NIST, PCI-DSS, ISO 27001, and GDPR. Cloud and SaaS Security Enablement : Lead secure design of cloud-native and SaaS platforms, including IaaS and PaaS. Collaborate with Cloud Engineering and DevOps to implement secure-by-design deployment practices. Innovation and Strategic Foresight : Stay ahead of evolving threats and technology trends. Contribute to the long-term security architecture roadmap by identifying opportunities to improve the organization's security posture. Required Qualifications BA / BS Degree (4-year) Computer Science, Cybersecurity, Engineering, Information Systems, or related field. Master's degree or advanced certifications preferred. 10+ years experience in IT and / or cybersecurity, with at least 5 years in a security architecture or engineering role. Proven ability to design secure enterprise systems and integrations across on-prem, cloud, and hybrid environments. Experience with identity and access management, network segmentation, encryption, logging / monitoring, and secure SDLC. Strong understanding of architectural frameworks (SABSA, TOGAF, or similar) and secure design methodologies. 
Experience conducting architecture risk assessments, threat modeling, and security reviews of enterprise systems. Expert-level knowledge of security technologies including firewalls, web application firewalls (WAFs), identity and access management (IAM), endpoint protection, cloud-native security controls, and SIEM / SOAR platforms. Strong familiarity with modern IT and application architectures, including public cloud platforms (AWS, Azure, GCP), containerization (e.g., Docker, Kubernetes), and DevOps / CI-CD pipelines. Proven ability to assess complex technical environments, conduct threat modeling, and deliver actionable risk mitigation strategies. Exceptional communication skills, with the ability to clearly articulate technical risks and solutions to both technical and non-technical stakeholders. Demonstrated ability to influence and collaborate across Security, IT, Legal, Compliance, and business units in a matrixed environment. Proficient in architecture modeling and documentation tools such as Lucidchart, Visio, and Confluence, with an emphasis on clarity and reusability. Strategic mindset with a hands-on approach; able to navigate between high-level architectural vision and detailed implementation considerations in fast-paced, evolving environments. Relevant certifications such as CISSP, SABSA, CCSP, AWS / Azure Security Certifications, or equivalent highly preferred. Pay Scale : $164,794 - $224,719 AEG reserves the right to change or modify the employee's job description whether orally or in writing, at any time during the employment relationship. AEG may require an employee to perform duties outside their normal description. Enterprise Architect • Anaheim, CA, United States
Job No Longer Available
This position is no longer listed on WhatJobs. The employer may be reviewing applications, filled the role, or has removed the listing.
However, we have similar jobs available for you below.
Information Security Engineer II / IS - Information Security
Posted today
Job Description
Job Description NATIONAL LEADERS IN PEDIATRIC CARE Ranked among the top 10 pediatric hospitals in the nation, Children’s Hospital Los Angeles (CHLA) provides the best care for kids in California. Here, world-class experts in medicine, education, and research work together to deliver family-centered care half a million times each year. From primary to complex critical care, more than 350 programs and services are offered, each one specially designed for children. The CHLA of the future is brighter than can be imagined. Investments in technology, research, and innovation will create care that is personal, convenient, and empowering. Our scientists will work with clinical experts to turn laboratory discoveries into treatments that are a perfect match for every patient. And together, CHLA team members will transform healthcare into health transformation. Join a hospital where the work you do will matter—to you, to your colleagues, and above all, to our patients and families. The work will be challenging, but always rewarding. Position Details This position is remote. Candidates must reside in California. Purpose Statement / Position Summary Information Security protects CHLA’s data and information for patients, employees, research, and all business functions. The Information Security Engineer will provide technical leadership and architectural expertise to ensure the security and protection of CHLA’s information assets and information technology resources. This includes planning, designing, and implementing security device solutions based on business and technical requirements while collaborating with clinical staff and the Information Services department. The role involves researching, developing, and improving best practices in technology and regulatory requirements such as HIPAA and HITECH. Minimum Qualifications / Work Experience 7+ years of work experience required. Experience in Information Security solution/tool engineering required. 
Experience with internal and third-party risk assessments highly preferred. Preferred experience in cloud security, security metrics and reporting, and security operations. Knowledge and Skills Knowledge and use of VPN, IPSec, DES encryption, Digital Certificates, SSL, TCP/IP, DNS, DMZ, web security architecture, Nmap, Nessus, CoreImpact, CyberArk, Q1, Webinspect, Snort, or related products. Understanding of information security standards, regulations (e.g., HIPAA, HITECH), and security principles for risk identification and analysis. Familiarity with business process standards (ITIL, LEAN, Six Sigma). Strong analytical, problem-solving, communication, and interpersonal skills. Deep understanding of information security in a highly regulated environment. Experience assessing risk and implementing controls. Ability to establish requirements, plan, design, implement, and operate security solutions. Experience engineering and managing various security technologies. Creative problem-solving skills. Education / Licensure / Certification Bachelor’s Degree in Computer Science or related field preferred. CISSP or GIAC certifications or equivalent preferred. Training and certification in network equipment and protocols preferred. Compensation Salary range: $99,424.00 - $178,963.00. Compensation will be based on experience, education, and credentials. CHLA offers a competitive package with benefits. About CHLA Children’s Hospital Los Angeles is a leader in pediatric health and a Magnet teaching hospital, dedicated to creating hope and healthier futures. Affiliated with the Keck School of Medicine of USC since 1932, CHLA values diversity and inclusion, providing equal employment opportunities and accommodations for qualified applicants with disabilities.
Chief Information Security Officer
Posted today
Job Description
A company is looking for a Chief Information Security Officer. Key Responsibilities Develop and implement a comprehensive cybersecurity strategy aligned with business objectives Establish and oversee an enterprise-wide cybersecurity risk management program, conducting regular risk assessments Lead incident response planning and manage crisis communications during security events Required Qualifications Bachelor's degree in Computer Science, Information Security, or related field; Master's preferred 12+ years of experience in information security, with at least 5 years in senior leadership roles Deep knowledge of cybersecurity frameworks and extensive experience with security technologies Certifications required : CISSP, CISM or CISA Strong business acumen with the ability to align security strategy with business objectives Chief Information Security Officer • Fullerton, California, United States
Information Security Engineer
Posted today
Job Description
Orange County's Credit Union provided pay range This range is provided by Orange County's Credit Union. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range $100,000.00/yr - $25,000.00/yr Orange County’s Credit Union is hiring: Information Security Engineer. Why Orange County's Credit Union? With over 85 years of experience, serving 123,000+ members, and managing $2 5+ billion in assets, we are a premier financial service provider. Our mantra, "Putting People First: Connect, Discover, Deliver & Wow!" is not just a saying—it’s a way of life. On our team. You’ll work closely with leadership to ensure our projects are aligned with our mission to put people first. What We Offer Comprehensive Benefits: Medical, Dental, and VSP effective day one of employment! Financial Security: Enjoy peace of mind with life insurance at no cost to you and a robust 401(k) plan where we contribute up to 8%. Work-Life Balance: Generous days of vacation, seven (7) sick days per year, and paid holidays, you’ll have the time to recharge and pursue your passions. Growth Opportunities: We believe in your professional and personal development, offering educational grants up to $2,000 per year, step progression opportunities, and annual performance merit increases. Rewarding Work: Annual discretionary bonus and a supportive work environment that celebrates achievements and fosters collaboration. Make a Difference with Us! If you’re looking for a rewarding role where you can contribute to a positive work environment and make a difference in the community, we’d love to hear from you.
Apply today and join a team that puts people first, values your expertise, and supports your growth. Overview The Information Security Engineer will play a critical role in evolving and maturing the organization’s information security program to ensure the confidentiality, integrity, and availability of Orange County’s Credit Union assets. The program includes: policies, standards, guidelines, and controls to manage and prevent risks to Orange County’s Credit Union. Responsible for conducting information security reviews (technology, application and process) and vulnerability / risk assessments, monitoring key / compensating controls and baseline configuration standards, and identifying / remediating control gaps to minimize risks. Essential Functions Coordinate and perform risk and vulnerability assessments of the Credit Union’s systems and processes to ensure appropriate controls are in place and recommend / implement controls to remediate risk findings. In collaboration with IT Operations / Technology Services / Software Engineering and outside vendors, design and implement security tools, controls and automation frameworks to ensure the integrity, availability and confidentiality of the organization’s data, systems and services on premises and in public cloud. Design, develop and document (1) network security architecture and baseline configuration standards for firewalls, routers, switches, load balancers, and related network appliances; (2) device security architecture and baseline configuration standards for servers, workstations and mobile devices; (3) application and data security architecture and baseline configuration standards for databases and enterprise applications; and (4) cloud platform security architecture and baseline configuration standards for AWS and Microsoft Azure services. Qualifications Bachelor’s Degree in Computer Science, Information Security, Information Assurance or related technology field. 
5+ years of experience in information / cyber security and IT risk management (including hands-on experience in implementing, maintaining, and managing on-prem and cloud-based network / infrastructure / application / data security for the enterprise). 2+ years of hands-on experience in securing AWS and Microsoft Azure cloud infrastructure / applications / services / solutions. Relevant security certifications (at least one is required), such as CISSP, SANS GIAC, CompTIA Security+, AWS Certified Security – Specialty, Azure Security Engineer Associate. The targeted salary range is $100,000.00 to $12 ,000.00. Final offer will be determined based on experience, education, training/certifications and specialized skills. We perform thorough background check and credit check. EOE Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Industries Banking
Sr. Manager, Information Security
Posted today
Job Description
The Information Security Threat Detection and Response team uses advanced technologies like AI-driven threat detection and automated response platforms to monitor and respond to cybersecurity threats in real time. It acts as the hub for defense strategies, security tool integration, and rapid, data-driven decisions to protect the organization's digital ecosystem. The Senior Manager, Threat Detection and Response will report to the Senior Director, Information Security & Operations. In this role, as a forward-thinking leader, you will be responsible for evolving our Security Operations Center (SOC). This role is critical to our mission of safeguarding patient data, maintaining compliance, and ensuring the resilience of technology systems, through both traditional security operations and the strategic use of automation and AI-based security technologies. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years prior relevant experience, including 4 years of management experience Requires strong knowledge of security operations, incident response, SIEM platforms, and threat detection technologies Requires direct experience building and leading a high functioning 24x7 SOC operation, security incident management, and investigations & forensics function Familiarity with frameworks such as MITRE ATT&CK, NIST, HIPAA, and CIS Controls Requires exceptional communication skills with both technical teams and non-technical stakeholders Industry certifications such as CISSP, CISM, GIAC, or equivalent highly desired
Information Security Risk & Compliance
Posted today
Job Description
Role: Information Security Risk & Compliance Duration: 12+ months contract Location: Alhambra, CA (Onsite) Position Description: An Information Security Specialist interprets information security policies, standards and other requirements as they relate to internal information systems and coordinates the implementation of these and other information security requirements. The Information Security Specialist redesigns and reengineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability. The Information Security Specialist will provide highly specialized experience in one or more information, computer, or network security disciplines (e.g. penetration testing, accreditation, or risk assessment and mitigation); develop system security plans, certification and accreditation reviews; analyze and establish processes for comprehensive systems and data protection; assess and mitigate system security threats and risks; perform security audits, evaluation, risk assessments and make strategic recommendations; and manage, support, install and maintain security tools and systems, and track security patches and incidents. Skills Required: The Information Security Specialist will possess knowledge and experience in standard methodologies used in certification and accreditation processes; extensive experience following NIST guidelines in risk assessment and management; conducting vulnerability analysis; developing mitigation plans; and performing penetration testing, password protection testing and application security testing. Demonstrated expertise in governance, risk management, and cybersecurity compliance, including the development and implementation of policies, standards, and control frameworks.
Strong working knowledge of information security regulations and industry frameworks such as NIST (800-53, CSF), ISO/IEC 27001, and PCI DSS, with the ability to map controls and assess compliance. Experience conducting risk assessments, control evaluations, and compliance audits to support enterprise-wide GRC initiatives. Familiarity with vulnerability management, threat intelligence analysis, and security architecture design in support of risk and compliance objectives. Understanding of encryption technologies and data protection principles as they relate to governance and regulatory obligations. Foundational knowledge of technical environments including IT security, networking, and systems administration, with awareness of tools such as SIEM (e.g., Microsoft Sentinel), firewalls, and other endpoint/network security platforms. Experience Required: This classification must have a minimum of five (5) years of experience applying security policies, standards, testing, modification and implementation. At least three (3) years of that experience must be in information security analysis. 3+ years of experience within each of the following: Applying risk management principles, including conducting audits, security assessments, and interpreting industry-standard security frameworks (e.g., NIST, ISO 27001, CIS). Conducting and supporting security operations, control assessments, audit remediation, and enterprise risk governance initiatives. Performing information security risk assessments, evaluating control effectiveness, and analyzing risk impact for technology initiatives and third-party integrations. Participating in incident response processes, including detection, containment, and post-incident analysis. Managing the security of complex, multi-platform IT environments, including various operating systems, software suites, and network protocols, within a large organization. 
Education Required: This classification requires the possession of a bachelor’s degree in an IT-related or Engineering field. Additional qualifying experience may be substituted for the required education on a year-for-year basis. One (1) or more industry-recognized Certifications in Security: CISSP (Certified Information Systems Security Professional) CRISC – Certified in Risk and Information Systems Control CISA – Certified Information Systems Auditor CISM (Certified Information Security Manager)
VP, Chief Information Security Officer
Posted today
Job Description
SCAN Group is a not-for-profit organization dedicated to tackling the most pressing issues facing older adults in the United States. SCAN Group is the sole corporate member of SCAN Health Plan, one of the nation's leading not-for-profit Medicare Advantage plans, serving more than 285,000 members in California, Arizona, Nevada, and Texas. SCAN has been a mission-driven organization dedicated to keeping seniors healthy and independent for more than 40 years and is known throughout the healthcare industry and nationally as a leading expert in senior healthcare. SCAN employees are a group of talented, passionate professionals who are committed to supporting older adults on their aging journey, while also innovating healthcare for seniors everywhere. Employees are provided in-depth training and access to state-of-the-art tools necessary to do their jobs, as well as development and growth opportunities. SCAN takes great pride in recognizing our team members as experts in their fields and rewarding them for their efforts. If you are interested in becoming part of an organization that is innovating senior healthcare visit or follow us on LinkedIn; Facebook; and Twitter. The Job As the Chief Information Security Officer (CISO), you will be responsible for establishing and maintaining the enterprise vision, strategy, and programs to ensure that information assets and technologies are adequately protected for both SCAN Health Plan and associated portfolio companies. This role requires a deep understanding of the complexities and regulatory requirements specific to the healthcare industry, including patient data protection, HIPAA compliance, and cybersecurity threats. The CISO will be the strategic leader for all aspects of information security, including security architecture, risk management framework, incident response, security awareness training, and vulnerability management.
Responsible for the effective management of information security functions and / or technology teams within the enterprise; including but not limited to applications, communications (voice and data), and computing services. This role will direct the development and administration of information security systems and functions to ensure that enterprise security goals are met. This position works collaboratively with executive leadership, IT, legal, compliance, and external partners to safeguard sensitive health information, maintain regulatory compliance, and mitigate risks associated with evolving cyber threats. You Will Provide leadership, vision and executive oversight in the development and implementation of the information security strategy to define state-of-the-art policies and processes that enable the establishment of consistent and effective information security practices that minimize risk. Implement robust risk management practices and conduct regular security assessments to identify, evaluate, and mitigate information security risks. Establish and chair a Security Governance Committee that regularly reviews security risks and ensures appropriate mitigation strategies. Develop, maintain, and enforce information security policies and procedures. Ensure compliance with healthcare regulations, including HIPAA. Lead the response to information security incidents. Develop and maintain an incident response plan ensuring swift action to minimize impact and manage communication, coordinating with internal and external stakeholders. Oversee the management of information security vendors and third-party service providers. Evaluate and recommend security enhancements and technology solutions. Ensure the security of all electronic information assets. Coordinate with internal and external auditors. Ensure the organization is prepared for and compliant with all regulatory audits. Develop and manage the information security budget. 
Stay abreast of the latest information security trends and technologies. Foster a culture of continuous improvement in information security practices. Plan for incident-specific responses as well as disaster recovery planning. Monitor compliance with State and Federal regulations for information security of employee data and financial information, responses to identity theft, and other compliance issues such as HIPAA, HITECH, and Cyber Security Act. Respond to data security breaches and lead the development of appropriate tracking / reporting systems. Establish and enforce a process to ensure that all users receive appropriate information security training to perform duties along with periodic information security awareness training; ensures appropriate levels of information security awareness and personal responsibility. Oversee the audit and assessment of system security vulnerabilities, direct the development and deployment of remediation plans, and work with business stakeholders to mitigate the risks and ensure compliance. Create system hardening standards for the various hosts and network systems and oversees their deployment. Assess the current information security landscape and recommend technology and processes to address current and emerging risks. Work with management to develop and maintain a risk management matrix, which maps known risks to IT controls. Remain current on security standards and compliance requirements. Accomplish staff results by communicating job expectations; planning, monitoring, and appraising job results; coaching and counseling employees; initiating, coordinating, and enforcing systems, policies, and procedures. Maintain staff by recruiting, selecting, orienting, and training employees; maintaining a safe and secure work environment; developing personal growth opportunities. 
Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies. Actively support the achievement of SCAN's Vision and Goals. Other duties as assigned. Your Qualifications CISSP (Certified Information Systems Security Professional) or Certified Information Security Manager (CISM) GIAC Intrusion Analyst or Security Essentials Certification, and Ethical Hacking training a plus 15 years of Information Technology experience, including 8+ years of experience with information security key function areas or enterprise-wide IT management / administration. 5 years of experience leading or managing a technical team. Healthcare industry experience is required. Understanding and experience with adherence to information and network security standards (HIPAA, HITECH, HITRUST, PCI and PII compliance), data management, disaster recovery. First-hand experience setting up formal IT Security Governance, IT Security Steering Committees, IT Security Operation Centers etc. Strong working knowledge of Cyber Security frameworks like NIST, HITRUST and ISO 27000s. Ability to react quickly and effectively to risks and threats from external and internal sources on a 24 / 7 basis. Thorough understanding of Active Directory, Network / Remote Access Security, Systems Security (Windows, Unix, Mainframe), Application and Web Security, Firewalls and Intrusion Detection Systems, TCP / IP, Proxy, SPAM Filtering, SIEMs, Vulnerability Scanners, IDS / IPS, SQL. Excellent written and oral communication skills, as well as strong interpersonal, critical thinking, and analytical skills. What's in it for you?
Base Pay Range : $285,000 to $335,000 annually An annual employee bonus program Robust Wellness Program Generous paid-time-off (PTO) 11 paid holidays per year, 1 floating holiday, birthday off, and 2 volunteer days Excellent 401(k) Retirement Saving Plan with employer match Robust employee recognition program An opportunity to become part of a team that makes a difference to our members and our community every day! We're always looking for talented people to join our team! Qualified applicants are encouraged to apply now! At SCAN we believe that it is our business to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects our community through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. SCAN is proud to be an Equal Employment Opportunity and Affirmative Action workplace. Individuals seeking employment will receive consideration for employment without regard to race, color, national origin, religion, age, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender perception or identity, age, marital status, disability, protected veteran status or any other status protected by law. A background check is required. Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor. Chief Information Security Officer • Long Beach, CA, United States
CVP, Chief Information Security Officer
Posted today
Job Description
SCAN Group is a not-for-profit organization dedicated to tackling the most pressing issues facing older adults in the United States. SCAN Group is the sole corporate member of SCAN Health Plan, one of the nation's leading not-for-profit Medicare Advantage plans, serving more than 285,000 members in California, Arizona, Nevada, and Texas. SCAN has been a mission-driven organization dedicated to keeping seniors healthy and independent for more than 40 years and is known throughout the healthcare industry and nationally as a leading expert in senior healthcare. SCAN employees are a group of talented, passionate professionals who are committed to supporting older adults on their aging journey, while also innovating healthcare for seniors everywhere. Employees are provided in-depth training and access to state-of-the-art tools necessary to do their jobs, as well as development and growth opportunities. SCAN takes great pride in recognizing our team members as experts in their fields and rewarding them for their efforts. If you are interested in becoming part of an organization that is innovating senior healthcare visit or follow us on LinkedIn; Facebook; and Twitter.
The Job
As the Chief Information Security Officer (CISO), you will be responsible for establishing and maintaining the enterprise vision, strategy, and programs to ensure that information assets and technologies are adequately protected for both SCAN Health Plan and associated portfolio companies. This role requires a deep understanding of the complexities and regulatory requirements specific to the healthcare industry, including patient data protection, HIPAA compliance, and cybersecurity threats. The CISO will be the strategic leader for all aspects of information security, including security architecture, risk management framework, incident response, security awareness training, and vulnerability management. Responsible for the effective management of information security functions and/or technology teams within the enterprise; including but not limited to applications, communications (voice and data), and computing services. This role will direct the development and administration of information security systems and functions to ensure that enterprise security goals are met. This position works collaboratively with executive leadership, IT, legal, compliance, and external partners to safeguard sensitive health information, maintain regulatory compliance, and mitigate risks associated with evolving cyber threats.
You Will
- Provide leadership, vision and executive oversight in the development and implementation of the information security strategy to define state-of-the-art policies and processes that enable the establishment of consistent and effective information security practices that minimize risk.
- Implement robust risk management practices and conduct regular security assessments to identify, evaluate, and mitigate information security risks.
- Establish and chair a Security Governance Committee that regularly reviews security risks and ensures appropriate mitigation strategies.
- Develop, maintain, and enforce information security policies and procedures. Ensure compliance with healthcare regulations, including HIPAA.
- Lead the response to information security incidents. Develop and maintain an incident response plan ensuring swift action to minimize impact and manage communication, coordinating with internal and external stakeholders.
- Oversee the management of information security vendors and third-party service providers.
- Evaluate and recommend security enhancements and technology solutions. Ensure the security of all electronic information assets.
- Coordinate with internal and external auditors. Ensure the organization is prepared for and compliant with all regulatory audits.
- Develop and manage the information security budget.
- Stay abreast of the latest information security trends and technologies. Foster a culture of continuous improvement in information security practices.
- Plan for incident-specific responses as well as disaster recovery planning.
- Monitor compliance with State and Federal regulations for information security of employee data and financial information, responses to identity theft, and other compliance issues such as HIPAA, HITECH, and Cyber Security Act.
- Respond to data security breaches and lead the development of appropriate tracking / reporting systems.
- Establish and enforce a process to ensure that all users receive appropriate information security training to perform duties along with periodic information security awareness training; ensure appropriate levels of information security awareness and personal responsibility.
- Oversee the audit and assessment of system security vulnerabilities, direct the development and deployment of remediation plans, and work with business stakeholders to mitigate the risks and ensure compliance.
- Create system hardening standards for the various hosts and network systems and oversee their deployment.
- Assess the current information security landscape and recommend technology and processes to address current and emerging risks.
- Work with management to develop and maintain a risk management matrix, which maps known risks to IT controls.
- Remain current on security standards and compliance requirements.
- Accomplish staff results by communicating job expectations; planning, monitoring, and appraising job results; coaching and counseling employees; initiating, coordinating, and enforcing systems, policies, and procedures.
- Maintain staff by recruiting, selecting, orienting, and training employees; maintaining a safe and secure work environment; developing personal growth opportunities.
- Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.
- We seek Rebels who are curious about AI and its power to transform how we operate and serve our members.
- Actively support the achievement of SCAN's Vision and Goals.
- Other duties as assigned.
Your Qualifications
- Bachelor's degree preferred
- CISSP (Certified Information Systems Security Professional) or Certified Information Security Manager (CISM)
- GIAC Intrusion Analyst or Security Essentials Certification, and Ethical Hacking training a plus
- 15 years of Information Technology experience, including 8+ years of experience with information security key function areas or enterprise-wide IT management/administration.
- 5 years of experience leading or managing a technical team.
- Healthcare industry experience is required.
- Understanding and experience with adherence to information and network security standards (HIPAA, HITECH, HITRUST, PCI and PII compliance), data management, disaster recovery.
- First-hand experience setting up formal IT Security Governance, IT Security Steering Committees, IT Security Operation Centers etc.
- Strong working knowledge of Cyber Security frameworks like NIST, HITRUST and ISO 27000's.
- Ability to react quickly and effectively to risks and threats from external and internal sources on a 24/7 basis.
- Thorough understanding of Active Directory, Network/Remote Access Security, Systems Security (Windows, Unix, Mainframe), Application and Web Security, Firewalls and Intrusion Detection Systems, TCP/IP, Proxy, SPAM Filtering, SIEMs, Vulnerability Scanners, IDS/IPS, SQL.
- Excellent written and oral communication skills, as well as strong interpersonal, critical thinking, and analytical skills.
What's in it for you?
- Base Pay Range: $285,000 to $335,000 annually
- An annual employee bonus program
- Robust Wellness Program
- Generous paid-time-off (PTO)
- 11 paid holidays per year, 1 floating holiday, birthday off, and 2 volunteer days
- Excellent 401(k) Retirement Saving Plan with employer match
- Robust employee recognition program
- Tuition reimbursement
- An opportunity to become part of a team that makes a difference to our members and our community every day!
We're always looking for talented people to join our team! Qualified applicants are encouraged to apply now!
At SCAN we believe that it is our business to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects our community through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more.
SCAN is proud to be an Equal Employment Opportunity and Affirmative Action workplace. Individuals seeking employment will receive consideration for employment without regard to race, color, national origin, religion, age, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender perception or identity, age, marital status, disability, protected veteran status or any other status protected by law. A background check is required.
#LI-JB1 #LI-Hybrid
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Information Security Officer - Information Technology Services (Extended)
Posted 1 day ago
Job Description
Under the direction of a designated administrator, the Information Security Officer develops and implements procedures, policies, strategies, and standards in the management of the College's IT security program and controls. Assesses and recommends strategies to address IT-related risks, threats, and other identified operational deficiencies; develops, coordinates, and leads incident response activities; develops campus-wide IT security plans; monitors systems and ensures compliance with relevant regulatory requirements and standards; and fosters an IT compliance-focused campus culture through end-user education programs. Supervises assigned staff and / or teams.
REPRESENTATIVE DUTIES:
Collaborates with the College's academic and administrative units and relevant ITS support teams to facilitate IT risk assessments. Implements risk management processes and best practices. Identifies location, type, sensitivity, ownership, and access requirements for data being used by the College. Establishes controls and standards in consultation with supervisor, division / department personnel, and other key constituencies as appropriate. Monitors the external IT environment for emerging threats. Effectively configures and utilizes available systems, alerts, and other sources of information to identify and address security threats and events. Advises supervisor on appropriate course of action. Documents risk analysis of security threats for management review. Researches, evaluates, and recommends appropriate IT security systems, technology, controls, and solutions (e.g., firewalls, intrusion detection / prevention, and vulnerability scanners.) Provides detailed pros and cons, build vs. buy analyses of options. Ensures plans and designs consider security controls, performance, confidentiality, scalability, access, cost, etc. Oversees the implementation of security testing projects and other system plans. Validates project adherence to District policies and standards.
Ensures regulatory compliance through thorough testing, assessment, and remediation prior to full implementation. Develops, implements, and manages College-wide IT security incident response processes and procedures. Leads the investigation, coordination, resolution, and closure on security incidents as they are escalated or identified. Generates fact-based reports. Documents incident response processes / protocols and updates as needed. Develops, implements, and maintains a College-wide IT security plan and obtains plan sign-off from key stakeholders and constituencies, as appropriate. Executes a plan that ensures the integrity and confidentiality of information residing in College workstations, servers, mobile devices, and related computer peripherals. Maintains an in-depth technical documentation repository of College systems, networks, and core applications. Leads the planning, testing, and tracking of periodic, College-wide IT security audits. Identifies security gaps and deficiencies through risk assessments and recommends corrective action of identified vulnerabilities and weaknesses. Ensures requisite compliance monitoring is in place to expeditiously identify control weaknesses, compliance breaches, misuse trends, and / or operational loss events. Serves as a subject matter expert on District strategies for information security processes. Ensures implemented processes align to regulatory Federal, State, and industry requirements and District policies. Leads the review and formal approval process for policy and procedural updates to meet or exceed industry standards, compliance requirements, and end-user expectations. Develops, implements, and manages a College-wide IT security awareness and training program that fosters a risk and compliance-focused culture. Ensures training programs align information security activities with regulatory requirements and internal risk management policies. 
Provides regular guidance, resources, and advocacy on current best practices for information security. Assists with the development and implementation of business continuity and disaster recovery plans to ensure comprehensive information security and mitigation of risks. Assesses and manages the adequacy of mitigation and remediation plans of known cyber security vulnerabilities and threats. Serves as a contributing member of the ITS management team in the development, prioritizing, budgeting, and planning of IT security strategies and related initiatives. Ensures information security risks, recommendations, and mitigation technologies are identified, articulated, and communicated through the District's governance process. Develops and communicates current IT security posture status, IT security strategies, and progress on IT security initiatives to key organizational units, executive management, and the College Board of Trustees, as needed. Establishes and maintains appropriate network of professional contacts. Collaborates with other colleges and universities to share information or resources, as appropriate. Develops and manages partnerships with IT security vendors and consultants. Maintains awareness and knowledge of current changes and best practices within legal, regulatory, and technology environments which may affect the security of IT systems, networks, and overall operations. Ensures supervisor and staff are informed of any changes and updates in a timely manner. Attends conferences and trainings as required to maintain IT security management proficiency. Serves on IT security-related college committees as appropriate. Performs other related duties as assigned or requested.
JOB QUALIFICATIONS
Education and Experience: Bachelor's degree in an IT related field. Five (5) years of experience in IT networks, systems, or security-related positions.
OTHER QUALIFICATIONS:
Licenses or Other Certifications:
- CISSP (Certified Information System Security Professional) desirable, but not required.
- CISM (Certified Information Security Manager issued by ISACA) desirable, but not required.
- CISA (Certified Information Security Auditor issued by ISACA) desirable, but not required.
- Valid California driver's license.
Knowledge / Areas of Expertise:
- Knowledge of IT environment in higher education or other public / government agency.
- Knowledge of information security, governance, risk and compliance practices and standards.
- Knowledge of relevant laws / regulations (e.g., FERPA, HIPAA, GLB Act, Sarbanes-Oxley.)
- Knowledge of IT risk and control frameworks (e.g., CoBIT, ISO, NIST, ITIL, PCI.)
- Knowledge of information security regulatory requirements and standards.
- Knowledge of effective IT security systems, network architectures, concepts, techniques, tools.
- Knowledge of IT security management industry best practices and standards.
- Experience with development of educational programs in the area of security awareness.
- Experience with institution-wide networks, systems, and applications.
- Experienced in developing and implementing IT security policies and procedures.
- Experienced in IT security auditing and monitoring.
- Experienced in managing network and system security components (e.g., firewalls, intrusion detection / prevention systems.)
Abilities / Skills:
- Ability to identify, prioritize, and communicate impact of IT security risks and exposures.
- Ability to maintain compliance with applicable IT security-related laws and regulations.
- Skilled at organizing and communicating status on IT security strategies and projects.
- Skilled at developing and testing business continuity and disaster recovery plans.
- Skilled at analyzing, planning, and organizing.
WORKING CONDITIONS:
- May be required to drive to offsite locations; must have reliable transportation.
- Use of hands, wrists, and fingers to operate various machines and equipment.
- Extensive interaction with a variety of individuals.
- Movement from one work area to another.
CLOSING DATE: OPEN UNTIL FILLED
SALARY:
Starting salary is $135,867 annually. Generally, new employees start at the first step on the salary schedule. Advanced salary placement may be considered on a case-by-case basis. Salary increases are granted on the first day of the month following each year of service, until Step 6 is reached ($57,517 annually). Employees contribute 8% of their earnings toward the Public Employees Retirement System (PERS).
CONDITIONS OF EMPLOYMENT
This is a full-time, twelve-month classified administrator position subject to a probationary period. The standard work week is 40 hours of scheduled duty per week of not more than five consecutive work days. During the winter recess, all management positions are required to charge three (3) days of accrued vacation between the Christmas and New Year holidays. Excellent fringe benefits include eight 32-hour workweeks during the summer. Offer and acceptance of employment is subject to verification of all information provided on the employment application, credential(s), and transcripts. Candidates selected for employment must agree to be fingerprinted, submit Certificate of Completion of the Tuberculosis Risk Assessment and / or Examination, provide proof of eligibility for employment in the United States, and present a valid Social Security card upon hire. Only individuals identified for FINAL interviews are eligible to have their expenses paid. Reimbursement will be limited to economy airfare (to and from point of origin) and for meals and lodging. The maximum allocated for meals, lodging and transportation is 600. Candidate must complete a Travel Request and Reimbursement Form and submit it together with all supporting documentation to the Human Resources Department.
BENEFIT HIGHLIGHTS
Health, Life, Dental and Vision Insurance
The College provides a diversified insured benefit program for all full-time employees, including medical, dental, vision and life insurance. Dependent medical, dental and vision insurance is available, toward which both the College and the employee contribute.
Sick Leave and Disability
Paid sick leave is granted equal to one day for each month of service. Sick leave may be accumulated indefinitely. Rather than State Disability Insurance, limited sick leave benefits are available for days beyond the earned sick leave days and are paid at 50 percent.
Retirement
Full-time employees contribute a percentage of their regular salary to either the State Teachers Retirement System (STRS) or to the Public Employees Retirement System (PERS) and Social Security. Previous employment performed in a different public retirement system may allow eligibility to continue in the same retirement system.
Summer Work Hours
During the summer, employees work eight 32-hour work weeks with full pay.
Information Security Officer • Torrance, CA, US
Chief Information Security Officer
Posted 1 day ago
Job Description
About Stem
Stem (NYSE: STEM) is a global leader in AI-enabled software and services that enable its customers to plan, deploy, and operate clean energy assets. The company offers a complete set of solutions that transform how solar and energy storage projects are developed, built, and operated, including an integrated suite of software and edge products, and full lifecycle services from a team of leading experts. More than 16,000 global customers rely on Stem to maximize the value of their clean energy projects and portfolios. Learn more at
Stem's culture embodies diversity & inclusion beyond the traditional facets of gender, ethnicity, age, disabilities, and sexual orientation to include experience, personality, communication, workstyles, and more. At our core, Stem is at the momentous intersection of clean energy and software technology where diverse ideas, experiences, and professional skills converge to make the inclusive culture we have today. Together, we are turning old school thoughts about software and energy into progressive, collaborative, and innovative solutions. By joining our team, you will be collaborating with data scientists, energy experts, skilled salespeople, thought-leading executives and more from a range of backgrounds. This intersection of ideas, beliefs, and skills is what makes us unique enough to lead the world's largest network of digitally connected energy storage systems.
What we are looking for:
As a Chief Information Security Officer, you will be responsible for establishing and maintaining Stem's enterprise-wide cybersecurity vision, strategy, and program to ensure all information assets and technologies are adequately protected. You will lead the development and implementation of comprehensive security policies, procedures, and controls while ensuring regulatory compliance across multiple frameworks. This role requires both strategic leadership and hands-on expertise in cybersecurity, with a focus on building a security-first culture that aligns with our business objectives and supports our growth in the clean energy sector.
Responsibilities:
- Strategic Security Leadership - Develop and implement a comprehensive cybersecurity strategy that aligns with Stem's business objectives and risk tolerance, ensuring protection of our clean energy technology platform and customer data.
- Develop and implement cybersecurity and data privacy policies that enable business objectives and satisfy external requirements.
- Risk Management & Governance - Establish and oversee enterprise-wide cybersecurity risk management program, conducting regular risk assessments and implementing appropriate controls to mitigate identified vulnerabilities.
- Compliance & Audit Management - Lead SOC 2 Type II audits, ISO 27001 certification processes, and other regulatory compliance requirements. Ensure adherence to industry standards including NIST, Zero Trust, PCI DSS, and relevant data privacy regulations (GDPR, CCPA).
- Incident Response & Crisis Management - Develop and maintain comprehensive incident response plans, lead crisis communications during security events, and oversee post-incident analysis and remediation efforts.
- Security Architecture & Technology - Guide the selection, implementation, and management of security technologies including SIEM, endpoint detection and response (EDR), identity and access management (IAM), and cloud security solutions.
- Team Leadership & Development - Build and lead a high-performing cybersecurity team. Manage relationships with external security providers and consultants.
- Business Enablement - Collaborate with executive leadership to ensure security initiatives support business growth while maintaining appropriate risk levels. Translate complex security concepts into business-friendly language for stakeholders.
- Security Awareness & Training - Develop and implement comprehensive cybersecurity awareness programs for all employees, ensuring a security-first culture throughout the organization.
- Regulatory & Legal Coordination - Work closely with legal, compliance, and privacy teams to ensure cybersecurity practices meet all regulatory requirements and contractual obligations.
- Budget Management - Develop and manage cybersecurity budget, ensuring efficient allocation of resources while maintaining effective security posture.
- Third-Party Risk Management - Establish and oversee vendor security assessment programs, ensuring all third-party relationships maintain appropriate security standards.
- Business Continuity & Disaster Recovery - Develop and maintain comprehensive business continuity and disaster recovery plans, ensuring rapid recovery from security incidents.
Requirements:
Education:
- Bachelor's degree in Computer Science, Information Security, or related technical field required. Master's degree in Cybersecurity, Information Systems, or relevant discipline preferred.
Experience:
- 12+ years of progressive experience in information security roles with at least 5 years in senior leadership positions
- 10+ years of hands-on experience with cybersecurity technologies and frameworks
- Proven track record of leading SOC 2, ISO 27001, and other compliance audit processes
- Experience in technology companies, preferably in clean energy, SaaS, or IoT environments
Technical Expertise:
- Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, COBIT, SANS)
- Extensive experience with security technologies (SIEM, EDR, IAM, firewalls, intrusion detection/prevention)
- Strong understanding of cloud security (AWS, Azure, GCP) and DevSecOps practices
- Experience with vulnerability management, penetration testing, and security assessments
- Knowledge of data privacy regulations (GDPR, CCPA, HIPAA) and their implementation
Certifications (Required):
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager) or CISA (Certified Information Systems Auditor)
- Additional preferred certifications: CCISO, CISSP, CGEIT, CRISC
Leadership & Business Skills:
- Proven ability to build and lead high-performing security teams
- Strong business acumen with ability to align security strategy with business objectives
- Excellent communication skills with ability to present to executive audiences and board members
- Experience working with customers on security and compliance requirements
- Track record of successfully managing security budgets and vendor relationships
Industry Knowledge:
- Understanding of critical infrastructure security requirements
- Knowledge of energy sector regulations and compliance requirements
- Experience with IoT security and industrial control systems preferred
- Familiarity with financial services and energy trading security requirements
What We Offer:
At Stem, you will work in a growing, innovative, mission-driven company with talented colleagues that have a passion for building renewable energy systems. Stem offers competitive compensation as well as a comprehensive set of benefits to support the health and wellness of our employees, including:
- A competitive compensation package, including eligibility for a bonus or commission based on the role, and equity
- Full health benefits on the first day of employment (several medical plan options-HDHP and PPO, dental plans, FSA/HSA-with employer contribution, employer paid vision/LTD/STD/Life, variety of voluntary coverage)
- 401k (pre- or post-tax) on first day of employment
- 12 paid calendar holidays per year
- Flexible time-off
Learn More
To learn more about Stem, visit stem.com, where you'll find information about our solutions, technology, partners, case studies, resources, latest news and more. Here are some relevant links:
- Company Overview
- Newsroom
- Case Studies
Stem, Inc. is an equal opportunity employer committed to diversity in the workplace and does not discriminate against any employee or applicant for employment because of race, color, sex, pregnancy, religion, national origin, ethnicity, citizenship, sexual orientation, gender identity, age, marital status, disability, genetic information, military status, protected veteran status or any other factor protected by applicable federal, state or local laws.
Information Security Engineer II / IS - Information Security
Posted 2 days ago
Job Description
National Leaders in Pediatric Care
Ranked among the top 10 pediatric hospitals in the nation, Children’s Hospital Los Angeles (CHLA) provides the best care for kids in California. Here, world-class experts in medicine, education, and research work together to deliver family-centered care over half a million times each year. From primary to complex critical care, more than 350 programs and services are offered, each designed specifically for children. The future of CHLA is brighter than ever, with investments in technology, research, and innovation to create care that is personal, convenient, and empowering. Our scientists collaborate with clinical experts to turn laboratory discoveries into treatments tailored for each patient. Together, CHLA team members are transforming healthcare into health transformation. Join a hospital where your work truly matters — to you, your colleagues, and above all, our patients and families. The work can be challenging, but it is always rewarding.
Position Details
This position is remote. Candidates must reside in California.
Purpose Statement / Position Summary
Information Security protects CHLA’s data and information related to patients, employees, research, and all business functions. The Information Security Engineer will provide technical leadership and architectural expertise to ensure the security and protection of CHLA’s information assets and IT resources. Responsibilities include planning, designing, and implementing security solutions based on business and technical requirements, working closely with clinical staff and the Information Services department. The role also involves researching, developing, and improving security practices to align with technological advancements and regulatory requirements such as HIPAA and HITECH.
Minimum Qualifications / Work Experience
- 7+ years of relevant work experience required.
- Experience in Information Security solution and tool engineering required.
- Experience with risk assessments, especially involving internal and third-party evaluations, highly preferred.
- Knowledge of cloud security, security metrics, reporting, and operations preferred.
Technical Knowledge
- Familiarity with VPN, IPSec, DES encryption, Digital Certificates, SSL, TCP/IP, DNS, DMZ, web security architecture, and related tools such as Nmap, Nessus, CyberArk, Webinspect, Snort, etc.
- Understanding of information security standards, regulations (e.g., HIPAA, HITECH), and security principles across various systems.
- Knowledge of business process standards like ITIL, LEAN, Six Sigma.
- Strong analytical, problem-solving, communication, and interpersonal skills.
Education / Licensure / Certification
- Bachelor’s Degree in Computer Science or related field preferred.
- CISSP, GIAC, or equivalent certifications preferred.
Salary Range
$99,424.00 - $178,963.00, based on experience and qualifications.
Additional Information
CHLA offers a competitive compensation package, benefits, and a supportive environment dedicated to creating hope and building healthier futures. CHLA is an Equal Opportunity Employer and considers all qualified applicants without regard to race, color, religion, sex, gender identity, age, disability, or other protected categories. Qualified applicants with criminal histories will be considered in accordance with applicable laws.