USAA

Senior Bank Information Security Governance

full-time

Location Type: Hybrid

Location: Phoenix • Arizona, Colorado, Florida, North Carolina, Texas, Virginia • 🇺🇸 United States

Salary

💰 $114,080 - $218,030 per year

Job Level

Senior

Tech Stack

Cloud, Cyber Security

About the role

  • Supports the first line of defense in ensuring the effectiveness of Information Security (IS) governance, IS risk management, and compliance programs within the Bank Technology Office.
  • Collaborates with Information Technology (IT) and IS teams, business stakeholders, Compliance, Risk Management, Audit Services, and external parties to support IS governance and IS risk and compliance-based initiatives.
  • Acts as a key liaison between the Association’s IS function and various Bank business units, ensuring alignment with enterprise security policies and standards.
  • Continuously monitors IS environments to identify emerging risks related to cybersecurity, infrastructure, applications, and third-party services.
  • Provides consultative services across the Bank.
  • Provides expert insights on the development, implementation, and continuous improvement of IT governance frameworks (e.g., COBIT, ITIL) tailored to the Bank organization's specific needs and strategic objectives.
  • Analyzes incident trends and control gaps to anticipate potential risk scenarios and recommend preventive measures.
  • Conducts forward-looking risk assessments for new technology initiatives, system changes, and digital transformation projects.
  • Partners with and leads IT/IS teams to embed IS risk considerations early in the project lifecycle and ensure timely mitigation strategies.
  • Leads the development, implementation, and continuous improvement of IT governance frameworks (e.g., COBIT, ITIL) tailored to the organization's specific needs and strategic objectives.
  • Defines, maintains, and enforces IS policies, standards, and procedures to ensure compliance with relevant laws, regulations, and industry best practices.
  • Ensures IS risk compliance with legal, regulatory, and contractual requirements, coordinating audits and assessments.
  • Provides governance oversight for IS related initiatives, ensuring they adhere to established standards, policies, and risk management practices.
  • Mentors junior members of the IS governance team, providing guidance and support in their professional development.
  • Enhances and maintains awareness of the risk governance framework and its elements (RCSA).
  • Performs root cause analysis to determine likelihood, impact, and mitigation approaches of identified risks.
  • Prepares metrics reporting and participates in the metrics refresh process.
  • Maintains awareness of cloud computing principles and AI and understands potential IS risks inherent within this discipline.
  • Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures.

Requirements

  • Bachelor’s degree in Information Technology, Computer Science, Business Administration, or a related field; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree.
  • 6 years of experience supporting IS governance, IS risk management, compliance, or IT audit activities.
  • In-depth knowledge and application of IT governance frameworks such as COBIT, ITIL, ISO 27001, NIST, CIS Controls, and CMMC.
  • Experience working on and implementing IT and/or IS policies, standards, and procedures.
  • Experience leading and coordinating IS audits and assessments and ensuring compliance with regulatory requirements.
  • A strong understanding of regulatory and compliance requirements applicable to the organization.
  • Ability to interpret complex IT/IS environments and detect early warning signals.
  • Experience in identifying potential failure points and simulating risk scenarios.
  • Proficiency in using data to identify trends, anomalies, and emerging risks.
  • Understanding of cloud, cybersecurity, and digital transformation risks.
  • Ability to articulate risk insights and influence stakeholders to take preventive actions.
  • Familiarity with GRC platforms, vulnerability management tools, and risk dashboards.

Benefits

  • comprehensive medical, dental and vision plans
  • 401(k)
  • pension
  • life insurance
  • parental benefits
  • adoption assistance
  • paid time off program with paid holidays plus 16 paid volunteer hours
  • various wellness programs
  • career path planning and continuing education

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

  • IS governance, IS risk management, compliance, IT audit, COBIT, ITIL, ISO 27001, NIST, CIS Controls, CMMC

Soft skills

  • collaboration, mentoring, analytical thinking, communication, influencing, consultative services, problem-solving, leadership, risk assessment, stakeholder engagement