Apply now »

Information Security Officer

Job Category:  Information Technology
Department:  IT Executive Administration

Los Angeles, CA, US, 90017

Position Type:  Full Time
Requisition ID:  8624


Established in 1997, L.A. Care Health Plan is an independent public agency created by the state of California to provide health coverage to low-income Los Angeles County residents. We are the nation’s largest publicly operated health plan. Serving more than 2 million members in five health plans, we make sure our members get the right care at the right place at the right time.

Mission: L.A. Care’s mission is to provide access to quality health care for Los Angeles County's vulnerable and low-income communities and residents and to support the safety net required to achieve that purpose.

As a condition of employment, L.A. Care requires a COVID-19 vaccine. This requirement includes our remote workforce. If you would like to request an exemption, L.A. Care has implemented a process to consider exemptions, for documented medical conditions and sincerely held religious beliefs. L.A. Care will review all exemption requests prior to proceeding with the recruitment process.

Job Summary

The Information Security Officer is responsible for establishing, implementing, monitoring and enforcing information security standards and policies across L.A. Care Health Plan.

The Information Security Officer is responsible for a variety strategic operational responsibilities of tasks, including, but not limited to: Planning, managing, and coordinating security programs and strategic initiatives to preserve the confidentiality, integrity and availability of the organization's information resources and membership data.  Oversee and coordinate security efforts across the organization to identify and remedy vulnerabilities.  Develop policies, procedures, and awareness training, align them with company business continuity goals which ensures the electronic and physical safety of company and membership data. 

The Information Security Officer will lead all aspects of running an efficient  team, including hiring, supervising, coaching, training, performance assessment, disciplining, and motivating direct-reports.  Interfaces with senior leadership and all facets of the organization on security-related initiatives to execute corporate security strategies and drive change initiatives across L.A. Care.


Provides the strategic vision and operational framework for ensuring the protection of corporate and membership data. Develops and maintains an enterprise-wide framework to respond to information security related events and incidents.

Responsible for a team of security and risk/compliance professionals tasked to establish, implement, monitor, and enforce information security standards and policies across the organization.  Drives the enhancement of team performance and effectiveness through the mentoring and development of staff.  People management responsibilities include: hire, develop, evaluate, reward and retain a highly qualified team of Information Technology (I.T.) Professionals and leaders.  Establishes and enforces team and individual accountability.  Leads by example, consistently demonstrates service excellence principles and I.T. department behavioral expectations. Positively represents the organization to team members and other L. A. Care staff.  Provides timely and specific feedback, guidance, training and development for the overall unit.  

Primary liaisons between the business and technical teams during an information security incident. 

Establishes and maintains the protocols for identifying, evaluating, and reporting on information security risks to ensure compliance with regulatory requirements.

Develops and maintains a metrics and reporting framework to measure the efficiency and effectiveness of the information security program.

Interfaces with senior leadership across all departments to ensure that secure practices are embedded across the enterprise (e.g., procurement, system development, business continuity planning, handling of membership data, etc.).

Provides project management oversight as well as leadership to staff and external resources in support of
established goals and objectives, improved efficiencies, and problem resolution.

Oversight for vulnerability analysis and management process, which includes managing vulnerability scanning/ reporting process of the environment, collaborating with key stakeholders to design, develop, and implement security controls for systems, applications, devices, workstations and networks. 

Responsible for budget development and administration.

Perform other duties assigned.

Education Required

Bachelor's Degree
In lieu of degree, equivalent education and/or experience may be considered.

Education Preferred

Master's Degree in Information Technology


Minimum of 8-10 years of experience leading comparable information security, technology, and governance teams.

Minimum of  8 years of supervisory/management experience.

Demonstrated managerial experience in transforming business functions and changing departmental culture.

Experience with carefully managing budgets, contracts, and vendor negotiations.

Experience with leading the response to crises, incidents, and investigations.

Operational experience managing in a regulated environment (eg, classified networks, healthcare, finance, banking, etc).



Extensive knowledge of information security architecture, consultative stakeholder management, and strategic planning.

Excellent people management skills, including demonstrated ability to work with diverse group of people.

Excellent communication skills, including verbal, written and presentation.

Ability to lead, orchestrate and facilitate large cross-functional teams to drive for desired outcomes. 

Ability to manage risk through change control and/or escalation protocols if necessary. 

Licenses/Certifications Required

Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Risk and Information Systems Control (CRISC)

Licenses/Certifications Preferred

Required Training

Additional Information

Required (on Professional Certificates):

One or more of: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC)


L.A. Care offers a wide range of benefits including

  • Paid Time Off (PTO)
  • Tuition Reimbursement
  • Retirement Plans
  • Medical, Dental and Vision
  • Wellness Program
  • Volunteer Time Off (VTO)


At L.A. Care, we value our team members’ safety. In order to keep our work locations safe, each employee is required to self-screen for symptoms prior to entering any L.A. Care location each day. L.A. Care and all of its staff are required to comply with all state and local masking orders. Therefore, when on-site at any L.A. Care location, employees are expected to wear a mask in areas where physical distancing cannot be managed.

Nearest Major Market: Los Angeles

Apply now »