Sensitive Data Security Advisor Senior
Location: San Antonio
Posted on: February 16, 2020
Purpose of JobProvides thought leadership while managing multiple
initiatives. Collaborates with all levels of USAA management and
internal partners to assess data security and align to support the
organization goals with Enterprise goals. Manages and mitigates
data security risk by identifying, evaluating, assessing,
designing, monitoring, administering, reporting and implementing
systems, policies and processes. Provides data security risk
insight and guides management on data security risk issues and
serves as an advisor to peers, team members and the enterprise.
Works under minimal supervision on complex work assignments and
recommends appropriate solutions and problem resolution.Job
- Provides advice, guidance, and assistance to executive
leadership. Creates, implements, and socializes new data security
policy and standards to the enterprise.
- Provides specialist advice and assistance in the interpretation
of data security policy and standards.
- Provides peer review of work product and deliverables from site
assessments. Performs release of information to third party
business partners and identifies alternative methods for releasing
information when applicable.
- Designs, develops, delivers or oversees the delivery of
classroom or computer based training regarding data security
- Acts as a technical advisor for a variety of ad-hoc data
security projects. May provide audit support.
- Develops, publishes, maintains and interprets complex data
security governance (e.g. policies, principles, standards) that
define data security requirements.
- Designs, develops and optimizes repeatable methods and
measurements for data security risk management.
- Influences data security risk management strategies and
educates and consults with risk owners on best practices.
- Provides consulting (advice, guidance and assistance) across
the enterprise, focusing on data security risk, to guide the
strategic security direction of USAA development projects,
departmental initiatives and other special projects.
- Determines requirements, recommends system security
configurations, and risk mitigation effectiveness.
- Responds both verbally and in writing to moderately complex
inquiries and periodic exams from both internal control partners
(e.g. legal, compliance, audit, risk) and external control partners
(e.g. regulators, external auditors, third-parties).Minimum
- Bachelor's degree required or 4 additional years of related
experience beyond the minimum required may be substituted in lieu
of a degree.
- In addition to a Bachelor's Degree, 6 or more years of relevant
- Advanced knowledge of relevant technical
discipline.*Qualifications may warrant placement in a different job
level*When you apply for this position, you will be required to
answer some initial questions. - This will take approximately 5
minutes. - Once you begin the questions you will not be able to
finish them at a later time and you will not able to change your
- Knowledge of Agile framework and knowledge of information
security management frameworks (e.g. ISO 2700X, NIST CSF, SANS Top
20 Critical Security Controls)
- Working knowledge of FFIEC and IT Audit principles, as well as
information security policy, standard and procedures related to
- Deep knowledge and experience on Enterprise wide implementation
of information/data security scanning tools and protection
capabilities (e.g. Tokenization, Encryption, DLP)
- Knowledge of PCI DSS, GLBA, HIPAA, SOX, EUGDPR, CCPA, FFIEC,
- Experience within one or more of the following areas:
Information Security, IT Governance, Risk Management and IT
- Experience having participated in enterprise level threat/risk
assessments on PCI/PII/PHI data sets and experience participating
in security audits and managed evidences
- Experience with communication and change management for
Sensitive Data Management and strong background in sensitive data
controls to protect PCI, PHI, PII and IP dataThe above description
reflects the details considered necessary to describe the principal
functions of the job and should not be construed as a detailed
description of all the work requirements that may be performed in
the job.At USAA our employees enjoy one of the best benefits
package in the business, including a flexible business casual or
casual dress environment, comprehensive medical, dental and vision
plans, along with wellness and wealth building programs. -
Additionally, our career path planning and continuing education
will assist you with your professional goals.Relocation assistance
is not available for this position.For Internal Candidates:Must
complete 12 months in current position (from date of hire or date
of placement), or must have manager's approval prior to
posting.Last day for internal candidates to apply to the opening is
12/26/19 by 11:59 pm CST time.
Keywords: USAA, San Antonio , Sensitive Data Security Advisor Senior, Other , San Antonio, Texas
Didn't find what you're looking for? Search again!