Vancouver, British Columbia, Canada
Posted: 10-Dec-25
Location: Los Angeles, California
Type: Full Time
Salary: $146,000 - $200,000
Categories:
Currency:
Region:
Required Education:
Certifications:
CISA - Certified Information Systems Auditor
CISM - Certified Information Security Manager
Loyola Marymount University (LMU) is seeking an experienced leader to serve as Director of Information Security & Compliance within our Information Technology Services (ITS) team. This role offers a strategic opportunity to shape and safeguard the university’s digital environment, drive proactive risk management, and embed a culture of security across the organization.
Reporting directly to the CIO/VP of IT, the Director will architect and manage a best-in-class information security and compliance program that supports LMU’s mission of learning, holistic education, service, and justice.
The Opportunity
At LMU, our Information Technology Services team empowers a transformative learning experience through technology. We provide intuitive, reliable, and integrated systems that support teaching, scholarship, and institutional operations in alignment with the university’s mission to foster learning, educate the whole person, serve faith, and promote justice.
Under the general direction of the CIO/Vice President for Information Technology, the Director of Information Security and Compliance will serve as the University’s Cybersecurity leader. The Director will create a modern and effective Information Security and Compliance Program that will drive the university's efforts to protect its information assets and ensure compliance with relevant regulations and standards. This role is pivotal in creating a secure and compliant digital environment that supports LMU's mission, values, and goals.
The Director will leverage partnerships and collaboration to lead initiatives that result in measurable improvements in information security and compliance, fostering a culture of security awareness and proactive risk management. The Director will serve as the process owner of the appropriate second-line assurance activities not only related to confidentiality, integrity and availability, but also to the safety, privacy and recovery of information owned or processed by LMU in compliance with regulatory and university requirements. The Director will oversee the university’s compliance with applicable laws, regulations, and policies related to information security and privacy. Under the guidance of the CIO/VP of IT, the Director of Information Security & Compliance will be a key architect of LMU’s digital resilience.
Leadership Responsibilities
• Enhance Security Posture: Develop and implement a comprehensive cybersecurity program
that significantly reduces risks and vulnerabilities across the university's digital landscape.
• Ensure Regulatory Compliance: Achieve and maintain compliance with relevant regulations
and standards, ensuring that LMU meets all legal and regulatory requirements.
• Collaborative Protection: Work closely with various campus partners, external stakeholders,
and community partners to ensure that information assets and associated technologies are
protected, resulting in a cohesive, unified, and well understood approach to information
security and compliance.
• Risk Management: Conduct thorough risk assessments and implement effective mitigation
strategies, leading to a demonstrable reduction in potential threats.
• Incident Response: Oversee and improve incident response and recovery efforts, ensuring swift
and effective investigation and resolution of security incidents.
• Policy Development: Create and enforce robust policies and procedures that safeguard
information assets, leading to a well-documented and easily accessible framework for
cybersecurity.
• Training and Awareness: Provide comprehensive training and guidance to staff on
cybersecurity best practices, resulting in a well-informed and vigilant workforce.
• Monitoring and Reporting: Continuously monitor and report on the effectiveness of the
cybersecurity program, providing clear metrics and insights that demonstrate progress and
areas for improvement.
• Leadership and Strategy: Plan and manage the strategy, people, processes, tools, services,
and resources necessary to effectively support the program and meet strategic goals.• Business Continuity and Disaster Recovery: Orchestrate a secure, robust, and highly reliable
approach to providing ITS services, during and after a disaster or disruption, to minimize
negative impacts to business operations and maintain essential services.
• Data Governance: Oversee the university’s data governance efforts, ensuring that data is
managed securely and in compliance with university policies and legal requirements.
Qualifications:
Education: Bachelor’s degree (or higher) in Computer Science, Information Technology, Cybersecurity, or a related field from an accredited institution.
Professional Experience: At least 7 years in information security, including a minimum of 3 years in a leadership or management capacity.
Higher Education Experience: Experience working in a university or higher-education environment is highly desirable.
Certifications: Preferred certifications include CISSP, CISM, or CISA.
Strong knowledge of frameworks, standards, and best practices relating to Information Security,
Privacy, Data Governance, and Business Continuity and Disaster Recovery Experience with
regulatory compliance requirements (e.g., i.e. FERPA, HIPAA, GDPR, CCPA, and PCI-DSS).
Communication Skills: Outstanding verbal, written, and presentation skills. Ability to convey complex technical
and regulatory concepts clearly to both technical and non-technical stakeholders. Writing samples may be requested.
Analytical & Decision-Making Ability: Proven capacity to analyze complex security risks, make strategic decisions, and implement solutions.
Interpersonal & Leadership Skills: Demonstrated success leading a team, collaborating across functions, and driving a security-aware culture