Info Security Advisor Lead

Company: USAA
Location: San Antonio
Posted on: October 18, 2020

Job Description:

Purpose of JobWe are looking for an Info Security Advisor Lead in San Antonio, TX or a 100% remote work from home environment.

Provides information assurance capabilities through technical consultation and guidance to the business for the interpretation and assessment of information security risk for projects, technologies, and environments. Aims to identify and manage existing and emerging risks and integrate risk management strategies and educate risk owners across the enterprise on information security requirements and best practices. Ensures risks associated with business activities are effectively identified, measured, monitored and controlled and administers, and implements systems, policies and processes which serve to enhance the mitigation, reporting, and analysis of Information Security risk. Stays current on the latest Information Security risks.Job RequirementsAbout USAAUSAA knows what it means to serve. We facilitate the financial security of millions of U.S. military members and their families. This singular mission requires a dedication to innovative thinking at every level.In each of the past five years, we've been a top-40 Fortune 100 Best Companies to Work For , and we've ranked among Victory Media's Top 10 Military Friendly Employers 13 years straight. We embrace a robust veteran workforce and encourage veterans and veteran spouses to apply. (17 seconds) (31 seconds)Job Tasks:

• Develops, publishes, maintains and/or interprets highly complex Information Security governance requirements (e.g. policies and standards).
• Collaborates with business operations to resolve Information Security governance conflicts.
• Leads in the optimization, execution, and maintenance of repeatable methods and measurements for the Information Security risk management program.
• Leads, performs and reviews security risk assessments of complex projects, new technologies, business partners and third parties.
• Collaborates on Information Security risk management strategies with senior executive risk owners; educates and recommends risk treatment best practices.
• Provides oversight on consulting (advice, guidance and assistance) to the enterprise, focusing on Information Security risk, to guide the strategic security direction of USAA.
• Responds both verbally and in writing to complex inquiries and periodic exams from both internal control partners (e.g. legal, compliance, audit, risk) and external control partners (e.g. regulators, external auditors, third-parties). Helps optimize and execute methods to improve future inquiry responses. Provides oversight and peer-review of responses.
• Leads and provides guidance to team for identification, development, and testing of Information Security controls for risk mitigation effectiveness.
• Maintains expert level knowledge of USAA Information Security standards as well as industry information security best practices, frameworks, laws and regulations.
• Follows written risk and compliance policies and procedures for business activities.Minimum Education:
  • Bachelor s Degree, OR, 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree.Minimum Experience:
    • 8 or more years of related experience in Information Security, Information Assurance, Risk Management, Audit and/or Information Technology to include accountability for complex tasks and/or projects.
    • 6 or more years of related experience in conducting risk assessments, recommending risk treatment options and/or developing program governance (e.g. policies and standards).
    • Expert level of business acumen in the areas of business operations, risk management, industry practices and emerging trends.*Qualifications may warrant placement in a different job level*When you apply for this position, you will be required to answer some initial questions. This will take approximately 5 minutes. Once you begin the questions you will not be able to finish them at a later time and you will not be able to change your responses.Preferred Experience
      • Significant experience working with lawyers, regulators, and examiners in a Fortune 500 financial services company
      • Advanced knowledge of laws, regulations and standards governing a Fortune 500 financial services company
      • Advanced knowledge of governance, risk, and compliance concepts pertaining to a Fortune 500 financial services company
      • Knowledge and experience working in an Information Security and/or Information Technology environment at a Fortune 500 financial services company
      • One or more of the following certifications:
        • Certified in Risk and Information Systems Control (CRISC) certification
        • Certified Information Privacy Professional (CIPP) certification
        • Certified Information Systems Security Professional (CISSP) certificationThe above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.At USAA our employees enjoy one of the best benefits packages in the business, including a flexible business casual or casual dress environment, comprehensive medical, dental and vision plans, along with wellness and wealth building programs. Additionally, our career path planning and continuing education will assist you with your professional goals.USAA also offers a variety of on-site services and conveniences to help you manage your work and personal life, including seven cafeterias, two company stores and three fitness centers.Relocation assistance is not available for this position.For Internal Candidates:Must complete 12 months in current position (from date of hire or date of placement) or must have manager s approval prior to posting.Last day for internal candidates to apply to the opening is 10/19/20 by 11:59 pm CST time. Associated topics: attack, identity access management, idm, information assurance, information security, information technology security, leak, phish, threat, violation

Keywords: USAA, San Antonio , Info Security Advisor Lead, Other , San Antonio, Texas