Lead Compliance Risk Manager Lead (Information Security/Cyber Security)
Maternity and Paternity Leave
Onsite Gym/ Fitness Center
Paid Time Off
Retirement Plan (With Match)
Health and Wellness Programs
- Diversity and inclusion — We work together to create an environment that welcomes diverse perspectives and talent.
- Corporate responsibility — Our corporate responsibility programs share a common purpose of giving back to the military community.
- Balance and wellness — Our benefits help you live your life to the fullest while balancing work and personal goals.
- Educational opportunities — We foster a culture of learning, inspiring you to further develop your skill set and education.
Purpose of Job
Provides second-line independent oversight and guidance regarding business products, services, and processes through a compliance framework to ensure they are executed in accordance with regulatory requirements. In partnership with the business and key stakeholders, continuously drives a strong culture of compliance and demonstrates integrity and professional judgment in protecting the interests of USAA and its members.
USAA knows what it means to serve. We facilitate the financial security of millions of U.S. military members and their families. This singular mission requires a dedication to innovative thinking at every level.
In each of the past five years, we've been a top-40 Fortune 100 Best Companies to Work For®, and we've ranked among Victory Media's Top 10 Military Friendly® Employers for 13 years straight. We embrace a robust veteran workforce and encourage veterans and veteran spouses to apply.
See what it's like to work for a company where your passion meets our purpose:
- Anticipates and identifies future needs, opportunities and potential compliance solutions, and leads cross-functional teams through the problem resolution process.
- Assesses results of data analyses, provides credible challenge and recommends innovative compliance solutions.
- Develops, designs and delivers compliance strategies to influence business leadership on effective solutions and may represent leadership on complex issues.
- Maintains and expands expert knowledge of the competitive/regulatory landscape and the company's key challenges.
- May coordinate and respond to regulatory requirements and requests and ensures the execution of examinations.
- Executes compliance risk management activities in accordance with enterprise compliance standards.
- Serves as the technical expert regarding compliance laws and regulations and provides direction to others on complex issues.
- Bachelor's degree required OR 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree
- 8 or more years of risk, compliance, or audit experience required
- Demonstrated experience working in a highly regulated environment.
- Expert knowledge of relevant industry regulations and regulatory compliance in a specific area.
- Advanced knowledge of compliance laws, regulations and regulatory expectations
- Demonstrated ability to apply advanced knowledge of regulatory compliance to consult and provide insight and guidance.
- Demonstrated ability to communicate effectively at all levels of management
- Advanced knowledge of Microsoft Office tools to include Word, Excel and PowerPoint.
*Qualifications may warrant placement in a different job level*
When you apply for this position, you will be required to answer some initial questions. This will take approximately 5 minutes. Once you begin the questions you will not be able to finish them at a later time and you will not be able to change your responses.
- Expert knowledge of financial institution and banking regulations with the ability to provide advisory services for business stakeholders.
- Knowledge should include Gramm-Leach-Bliley Act (GLBA), Interagency Guidelines Establishing Information Security Standards, 12 CFR Part 30, Appendix B, Standards for Safeguarding Customer Information FRB SR 01-15 (SUP), PCI DSS Standards, 23 NYCRR 500, FFIEC IT Handbook and Fair Credit Reporting Act (FCRA).
- Expert knowledge of regulatory requirements, risk and industry standards associated with emerging technology, authentication capabilities, network design/security, cloud computing environment and internet of things (IoT).
- Knowledge of leading Information Security industry frameworks (i.e. NIST, ISO, COBIT, ITIL, CMMI, COSO, SANS) and Information Security and Data governance models.
- 1st and/or 2nd line of defense experience in IT security compliance at a large financial institution focused on assessing information systems and technology risks and controls, with a demonstrated background in applying risk & controls, security and technology principles.
- Information Security Designations such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Global Information Assurance Certification (GIAC).
- Experience performing cyber threat operations to include cyber threat prevention, knowledge of cybersecurity infrastructure and use of the cybersecurity assessment tool (CAT) in the financial services, information technology industry or within a military branch.
- Previous technical domain experience to include IT Architecture, DevOps, Application Development, SDLC methodologies such as Agile, SCRUM, and SAFe, and middleware, testing and deployment toolsets.
- Experience conducting compliance assessments through strong understanding of policies, procedures, programs, external regulations, and business objectives to ensure appropriate and effective risk mitigation controls are in place.
- Experience providing “credible challenge” to business partners when necessary, with the ability to lead through influence while balancing relationships effectively at all levels up to senior leadership.
- Experience building technology risk frameworks, assessments, reports, metrics, and KRIs, and utilizing risk management tools (MetricStream, Archer) to analyze, model, monitor and report risk.
- Excellent communication, leadership, and management skills to influence a wide range of internal audiences including respective business, product, or executive management partners and external audiences including regulators and external auditors.
The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.
At USAA our employees enjoy one of the best benefits packages in the business, including a flexible business casual or casual dress environment, comprehensive medical, dental and vision plans, along with wellness and wealth building programs. Additionally, our career path planning and continuing education will assist you with your professional goals.
Relocation assistance is available for this position.
For Internal Candidates:
Must complete 12 months in current position (from date of hire or date of placement), or must have manager’s approval prior to posting.
Last day for internal candidates to apply to the opening is 2/17/20 by 11:59 pm CST.