
Third-Party Risk and Compliance Advisor – Mid Level
USAA
full-time
Location Type: Hybrid
Location: Charlotte • Florida, North Carolina • 🇺🇸 United States
Salary
💰 $85,040 - $162,550 per year
Job Level
Mid-Level, Senior
Tech Stack
Cyber Security
About the role
- Implements and works to ensure the maintenance and continuous improvement of a comprehensive, risk-based Third-Party Risk Management (TPRM) technology framework that aligns with industry best practices and regulatory expectations
- Conducts independent review and challenge of the first line's identification and assessment of inherent and residual cybersecurity risks associated with third-party relationships
- Conducts independent testing of the design and operational effectiveness of controls implemented by the first line of defense and third parties related to third-party systems and technology
- Monitors the first line's adherence to the organization's cybersecurity policies, standards, and procedures related to third-party risk
- Collects and analyzes key risk indicators (KRIs) and key performance indicators (KPIs) to continuously monitor the cyber risk posture of third parties
- Contributes to and develops reports for management
- Stays abreast of evolving cybersecurity regulations and guidance related to TPRM and assists in ensuring the organization's program is aligned with requirements
- Reviews vendor due diligence processes, ensuring that potential vendors are thoroughly vetted for cybersecurity risks before being onboarded
- Maintains accurate and up-to-date documentation of TPRM technology activities
- Monitors third-party relationships for Member complaints and levels of Member satisfaction, ensuring service level agreements are being met
Requirements
- Bachelor's degree in a related field (e.g., Information Technology, Cybersecurity, Business Administration)
- 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree
- 4 years of vendor/third-party risk management experience, in financial services, information technology, cyber security or related industry
- 2 years of experience with relevant regulatory compliance, industry regulations and regulatory data sources such as Office of the Comptroller of the Currency (OCC), Federal Reserve Board, Consumer Financial Protection Bureau (CFPB), etc.
- Proficient knowledge of relevant cyber and/or technology process(es) and regulatory compliance requirements
- Strong knowledge of cybersecurity principles and technologies
- Experience working within a regulated, policy-driven environment
- Experience with the full lifecycle of third-party relationships, including detailed tasks like invoice reconciliation and ensuring proper termination procedures
- Knowledge of cybersecurity principles, technologies, and frameworks (e.g., NIST CSF, ISO 27001)
- Knowledge of third-party risk management methodologies and best practices (e.g., Shared Assessments)
- Strong analytical and problem-solving skills
- Excellent communication and interpersonal skills
Benefits
- comprehensive medical, dental and vision plans
- 401(k)
- pension
- life insurance
- parental benefits
- adoption assistance
- paid time off program with paid holidays plus 16 paid volunteer hours
- various wellness programs
- career path planning and continuing education
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
- Third-Party Risk Management (TPRM)
- cybersecurity risk assessment
- vendor due diligence
- regulatory compliance
- cybersecurity principles
- NIST CSF
- ISO 27001
- Shared Assessments
- key risk indicators (KRIs)
- key performance indicators (KPIs)
Soft skills
- analytical skills
- problem-solving skills
- communication skills
- interpersonal skills