Job Description

Purpose of Job

USAA has a Director, Information Security who will lead our Information Security Metrics program. This role will be in our San Antonio or Plano offices or it can be a Remote opportunity.

Oversees one or more teams providing analytical, business or technical support functions and is responsible for the development, implementation, management and oversight of enterprise information security policies, standards, processes and solutions that ensure USAA establishes, deepens and retains a best-in-class security posture. Engages with senior leadership to develop, design, and deliver a sustainable governance and assurance model across multiple domains to ensure security guidance is implemented as designed. This role has a direct impact on protecting USAAs brand and reputation within assigned Information Security domains. Establishes strategic direction and administers the overall strategies and procedures for their information security domain. Directs, plans, and organizes activities of professional and administrative staff engaged in providing information security/cyber security services associated with existing and emerging security risks in a complex and highly regulated environment. Partners with the lines-of-business, Enterprise Risk and Compliance, Audit Services, and Legal, to support enterprise Information security risk and compliance initiatives.

Job Requirements

About USAA

USAA knows what it means to serve. We facilitate the financial security of millions of U.S. military members and their families. This singular mission requires a dedication to innovative thinking at every level.

We embrace a robust veteran workforce and encourage veterans and veteran spouses to apply.

USAA Careers World Class Benefits (31 seconds)

* Follows written risk and compliance policies and procedures for business activities.
* Responsible for strategic ownership of critical security domains or capabilities, develops multi-year roadmaps and/or a leader of Manager Seniors.
* Establishes and ensures compliant execution of their information security domain's short- and long-term strategic vision, strategy, goals, and metrics and governs the overall policies, standards, and procedures for their assigned information security domain.
* Directs and ensures effective operation of an enterprise information security domain including capacity, resilience and dependability capabilities and how changes in conditions, operations, or the environment will affect the system's operation.
* Develops, reviews and communicates information security risk management policies and procedures in partnership with the Chief Information Security Officer (CISO) and other senior leaders to ensure appropriateness and adequacy versus industry best practices and regulatory requirements. Interfaces with external regulators to represent USAA in discussions regarding their specific information security domain.
* Oversees the continuous monitoring of cybersecurity activities and alerts senior management to potential risks, compliance issues, and operational inefficiencies.
* Develops, designs, and delivers a sustainable governance and assurance model across multiple domains and the Enterprise.
* Identifies, monitors and evaluates operational solutions to reduce information security risk, meet compliance requirements and increase enterprise workforce efficiency, business agility and workforce scalability.
* Promotes information security awareness across the enterprise and with the external security community
* Coordinates hiring, training, and evaluation of security personnel and the development of education/training programs to ensure appropriate awareness of security policies, procedures, and standards.

Minimum Education:

* Bachelors Degree in Information Security, Information Technology, Computer Science, Business Administration, or Information Systems/Management or related field
* 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree.

Minimum Experience:

* 8 years of related information security experience in one or more domains, e.g.: Cyber Security, Identity and Access Management, Information Assurance and Governance, Operational Risk Management and/or Information Technology to include significant accountability for projects, programs, processes or policies.
* 3 years of direct team lead, supervisor, or management experience in an Information Security or Information Technology domain.
* 4 years of researching, designing or implementing technology, information security or cybersecurity solutions in a large financial institution or large enterprise information security program with a proven track record of delivering results in compliance with federal/state/regulatory information security and risk management policies, standards, and guidelines.
* Expert knowledge of relevant regulations and standards related to risk management and information security, e.g.: FFIEC, Gramm-Leach-Bliley, FFIEC Cybersecurity Assessment Tool, NIST Cybersecurity Framework and the Payment Card Industry Data Security Standard.
* Expert level of business acumen in the areas of business operations, risk management, industry practices and emerging trends.
* Strong written and verbal communication skills, including the ability to communicate technical analyses to a non-technical audience.

*Qualifications may warrant placement in a different job level*

When you apply for this position, you will be required to answer some initial questions. This will take approximately 5 minutes. Once you begin the questions you will not be able to finish them at a later time and you will not able to change your responses.

Preferred Experience:

* Experience with metric development and analysis
* Experience building new programs, developing strategy, and driving change
* Consultative background
* Holds a CRISC, CISA, or CISSP certification
* Familiarity with NIST CSF or NIST 800-53

Compensation:

USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market position. The salary range for this position is: $125,697 - $211700 *(this does not include geographical differential, it may be applied based on your work location)

Employees may be eligible for pay incentives based on overall corporate and individual performance or at the discretion of the USAA Board of Directors.

*Geographical Differential: Geographic pay differential is additional pay provided to eligible employees working in locations where market pay levels are above the national average.

Shift premium will be addressed on an individual-basis for applicable roles that are consistently scheduled for non-core hours.

Benefits:

At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals.

Please click on the link below for more details.

USAA Total Rewards

Relocation assistance is notavailable for this position.

For Internal Candidates:

Must complete 12 months in current position (from date of hire or date of placement), or must have managers approval prior to posting.

Last day for internal candidates to apply to the opening is 3/15/21 by 11:59 pm CST time.