InfoSec Policy Management & Compliance Head

Why USAA

At USAA our mission is to empower our members to achieve financial security through highly competitive products exceptional service and trusted advice. We seek to be the #1 choice for the military community and their families.

Embrace a fulfilling career at USAA where our core values honesty integrity loyalty and service define how we treat each other and our members. Be part of what truly makes us special and impactful.

The Opportunity

As a dedicated InfoSec Policy Management & Compliance Head you will demonstrate strategic cyber security thought leadership and applies technical subject-matter-expertise to produce innovative information security and cyber security solutions towards complex work deliverables. Leads broad functional and enterprise projects and participates as a subject-matter-expert on key enterprise and portfolio level initiatives. Anticipates identifies and solutions information security and cyber security countermeasures to threats stemming from emergent technologies and business activities. Uses depth and breadth of distinct technical knowledge and experience to research architect influence and integrate highly complex information security and cyber security solutions into technology initiatives aligned to USAAs mission brand and strategic priorities.

We offer a flexible work environment that requires an individual to be in the office 4 days per week. This position can be based in one of the following locations: San Antonio TX Plano TX Phoenix AZ Colorado Springs CO Charlotte NC Chesapeake VA or Tampa FL. Relocation assistance is available for this position.

What youll do:

• Serves as a system engineer anticipates operational inefficiencies and potential information security risks and drives solutions architecture for large complex systems or networks with a focus on handling vulnerabilities and reducing risk of system and/or asset compromises.

• Leads the design of secure scalable infrastructure across multiple domains and portfolios including the creation and enforcement of the standards for system change across USAA.

• Reserves execution for the most complex implementations influences service delivery and maintenance task automation across multiple domains and drives monitoring and tooling at the portfolio level.

• Serves as a trusted advisor and leads multi-functional matrixed delivery teams across a variety of technical domains to solve highly complex and high value Information Security related business problems and decrease the time to market of critical business decisions that impact the overall security posture and health of USAA.

• Analyzes trends news and changes in threat and compliance environment with respect to organizational risk.

• Oversees risk and compliance self-assessments and leads internal and external risk and compliance assessments.

• Collaborate with external regulators to represent USAA in discussions regarding their specific information security technical domains.

• Collaborates with and influences senior level executive leaders on the most appropriate and feasible approach for handling information security-based risk and compliance issues.

• Analyzes and oversees the development of information security governance including organizational policies procedures standards baselines and guidelines with respect to information security use and operation of information systems.

• Owns operational information and cyber security decisions across USAA including identifying planning and applying advanced security concepts and principles.

• Builds prototypes and proofs of concept to demonstrate feasibility for new emerging and innovative security technologies and influences enterprise prioritization for implementation.

• Anticipates and translates business and security objectives into achievable controls including developing and overseeing the technical implementation of those controls.

• Leads mentors and inspires USAA Information Security experts while raising the security quotient of technology teams senior leadership executives and business partners.

• Actively seeks opportunities to advance professional development through participation in industry organizations writing security publications pursuing educational opportunities establishing personal networks and participating in professional societies and publications.

• Ensures risks associated with business activities are effectively identified measured monitored and controlled in accordance with risk and compliance policies and procedures.

What you have:

• Bachelors Degree in Information Security Information Technology Computer Science Information Systems/Management or related field; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree.

• 10 years of related experience in Information Security Cybersecurity and/or Information Technology in a large organization major consulting firm or US military.

• 6 years experience leading highly complex portfolios programs or projects in Information Security Cybersecurity and/or Information Technology with accountability for ensuring compliance with federal/state/regulatory information security and risk management policies standards and guidelines.

• 4 years of demonstrated technical leadership and/or leading teams required with deep knowledge in one or more information security domains e.g.: Identity Protections Data Protections Infrastructure Protections or Monitoring and Response.

• Advanced knowledge of emerging and/or evolution of existing security technologies.

• Mastery of complex system and environment analysis design optimization and hardening.

• Demonstrated ability to understand and integrate enterprise level goals objectives and requirements into the security decisioning process.

• Deep technical knowledge expertise and practical application experience required in successfully applying Information Security and/or Cybersecurity theories techniques and/or technologies to a financial services and/or business operations environment.

• Extensive experience in delivering modern security infrastructure solutions to support and enable the organization this includes support of new applications of technology and Information Technology business models in support of emerging workforce needs.

• Mastery of Information Security and/or Cybersecurity consulting skills to include gathering and synthesizing business and technical requirements and communicating and/or facilitating constructive opportunities to a variety of audience levels and without direct authority.

• Exceptional relationship management building skills which includes the ability to effectively collaborate communicate and develop high trust relationships across all levels of an organization to include senior level executive leaders.

• Extensive experience explaining and influencing complex technology decisions to both technical and nontechnical audiences at all levels in the organization and with multi-functional and enterprise teams.

• Advanced solutions engineering and troubleshooting skills as well as deep experience with and knowledgeable of secure architectures engineering and design principles.

What sets you apart:

• 10 years of hands-on experience leading teams - developing and handling InfoSec policies standards and other program documents e.g. WISP to align with Industry standards as well as governance of approvals and exceptions.

• Experience in building and handling a reference library of requirements driving the InfoSec program including reference to standards regulations control.

• Experience in conducting regulatory assessment (e.g. GLBA NYDFS HIPAA DORA etc.) and conducting InfoSec program maturity assessments using industry standard benchmarking frameworks e.g. FFIEC CRI by examining applicable InfoSec control design and operating effectiveness.

• Experience building strong working partnerships with IT teams 2nd and 3rd Line Of Defense teams.

• Experience with other InfoSec governance risk and compliance functions and Operational functions (e.g. Access Management Data Protection Cyber Operations etc.) is a strong plus.

• Strong people and function leadership and excellent communication and presentation skills.

Compensation range: The salary range for this position is: $189370.00 - $361950.00.

USAA does not provide visa sponsorship for this role. Please do not apply for this role if at any time (now or in the future) you will need immigration support (i.e. H-1B TN STEM OPT Training Plans etc.).

Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location.

Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors.

The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.

Benefits: At USAA our employees enjoy best-in-class benefits to support their physical financial and emotional wellness. These benefits include comprehensive medical dental and vision plans 401(k) pension life insurance parental benefits adoption assistance paid time off program with paid holidays plus 16 paid volunteer hours and various wellness programs. Additionally our career path planning and continuing education assists employees with their professional goals.

For more details on our outstanding benefits visit our benefits page on .

Applications for this position are accepted on an ongoing basis this posting will remain open until the position is filled. Thus interested candidates are encouraged to apply the same day they view this posting.

USAA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability or status as a protected veteran.