Information Security Analyst Jobs in Los Angeles, CA

Overview

The Deputy Chief Information Security Officer is the senior operational security leader within Engineering Solutions, reporting to the CISO, Head of Security Driven Infrastructure. The role is responsible for driving security strategy, frameworks, and tooling into sustained, repeatable BAU operations across cloud, on-premises, and hybrid environments. The Information Security Lead leads the security team, drives cross-functional execution, and serves as Incident Commander during security events. This is a hands-on leadership role requiring deep practitioner expertise, strong executive presence, and the ability to maintain a collaborative culture while driving accountability and follow-through.

Purpose

The Deputy Chief Information Security Officer ensures TCW’s security program translates into measurable operational outcomes. This role is responsible for maturing security capabilities, improving process discipline, and driving strategic initiatives through strong execution, project and program management, documentation, automation, and meaningful metrics. The ideal candidate combines technical depth, leadership presence, and a collaborative, no-ego style with the discipline to drive ownership and follow-through.

Security Program Leadership & Operational Execution

• Lead the information security team as a player-coach, maintaining a collaborative, high-accountability culture
• Drive security strategies, frameworks, and tooling into repeatable BAU operations with clear ownership, metrics, and follow-through
• Lead cross-functional initiatives with engineering, infrastructure, legal, compliance, and business stakeholders
• Serve as Incident Commander during security events and lead escalations, post-incident review, and operational improvement
• Develop and present KPIs, metrics, risk updates, and program status to leadership

Cloud, Infrastructure & Identity Security

• Lead and evolve TCW’s cloud and hybrid security architecture across Azure, identity platforms, and enterprise infrastructure
• Oversee CSPM, CNAPP, hardening baselines, configuration security, and Infrastructure-as-Code security controls
• Drive Zero Trust and identity security across human and non-human identities, including Conditional Access, federation, and least privilege
• Ensure security controls evolve with cloud migration and broader infrastructure modernization

Threat Detection, Incident Response & Vulnerability Management

• Lead threat detection, incident response, and threat operations, including hands-on investigation when needed
• Own the vulnerability management lifecycle, including prioritization, remediation accountability, exceptions, and reporting
• Build and mature playbooks, SOPs, automation, and continuous monitoring capabilities
• Improve analyst efficiency and response quality through automation, telemetry, and operational tooling

Application, Data & AI Security

• Lead and mature application security, secure development, and software supply chain risk management practices
• Lead data protection, DLP, insider risk, and data governance controls in partnership with legal and compliance
• Establish and enforce security governance for AI and Generative AI adoption across the firm
• Govern the secure use of AI-assisted development and productivity tools through practical controls and clear risk guidance

Governance, Risk & Partnership

• Manage security risk and support compliance with regulatory expectations applicable to financial services
• Partner with cross-functional teams to assess risk, onboard solutions, and ensure security controls are in place before production deployment
• Maintain strong relationships with vendors, industry peers, and the broader security community
• Develop documentation, standards, playbooks, and governance artifacts that support durability and institutional knowledge

• Collaborative, no-ego leadership style with the ability to maintain culture while driving accountability and execution
• Strong executive presence and communication skills across technical, business, client, regulatory, and legal audiences
• Strong cross-functional leadership and project/program management discipline
• Strategic and data-driven problem-solving, with the ability to prioritize effectively in a fast-paced environment
• Operational mindset with a bias toward execution, documentation, and measurable outcomes

• Experience in financial services or asset management
• Relevant industry certifications such as CISSP, CCSP, CISM, AZ-500, or SC-200
• Familiarity with Infrastructure-as-Code and DevSecOps practices
• Experience supporting enterprise cloud migration and secure adoption of AI-assisted tools