Lead Sensitive Data Security Advisor (Remote)
At USAA, you’ll be able to align your skillset with our values. Our Data & Analytics team provides crucial insights that benefit our members – active military, those who’ve served and their families. So, when you look beyond the facts and figures, you won’t just find a solution for our business. You’ll find a way to improve the livelihoods and outcomes of our members. See how you can grow a meaningful career with USAA.
- Full Time
- Minimal Travel
- Glassdoor Reviews and Company Rating
What makes a successful Lead Sensitive Data Security Advisor (Remote) at USAA?
Review the top traits we’re looking for and see if you’re the right fit.
- Problem solver
- Results driven
- Team player
Here's what our people are saying
“USAA helps me create an environment for success for my team, where we can create healthy challenges, drive accountability, feel valued, innovate and build for the future. Every day, I feel blessed to be serving those that have served the country.”
Venkata A.Information Governance
“As a woman in Data Science, I like working for a company that values diversity and inclusion. Additionally, I am a military BRAT and a member of a Gold Star Family, so USAA’s mission is an incredible opportunity to ‘Go Above for those who have Gone Beyond.’ Put simply, coming to USAA feels like coming home.”
Michelle S.Data Scientist
“USAA truly believes in the value of leveraging our data to improve Member experiences. What I work on every day ends up impacting our Members. I am elated to be part of a company where my work is impactful and where my ongoing professional growth and academic pursuits are supported and even promoted.”
David H.Data Scientist
Paid Time Off
- Diversity and inclusion — We work together to create an environment that welcomes diverse perspectives and talent.
- Corporate responsibility — Our corporate responsibility programs share a common purpose of giving back to the military community.
- Balance and wellness — Our benefits help you live your life to the fullest while balancing work and personal goals.
- Educational opportunities — We foster a culture of learning, inspiring you to further develop your skill set and education.
Lead Sensitive Data Security Advisor (Remote)
Purpose of JobWe are currently seeking a talented Lead Sensitive Data Security Advisor (Remote) for the San Antonio Home Office I.
The candidate selected for this position is responsible for leading and aligning the SDM Strategy with USAA strategic objectives to protect sensitive data and promoting compliance with applicable laws, rules, and regulations.
Develops strategies and data security plans. Provides thought leadership while managing multiple large-scale initiatives. Collaborates with all levels of USAA management and internal partners to assess data security and align to support the organization goals with Enterprise goals. Leads data security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting and implementing systems, policies and processes. Advises various levels of senior management on data security risk management issues and serves as the primary resource for cross-functional team members on escalated issues of a unique nature.
USAA knows what it means to serve. We facilitate the financial security of millions of U.S. military members and their families. This singular mission requires a dedication to innovative thinking at every level.
In each of the past five years, we've been a top-40 Fortune 100 Best Companies to Work For®, and we've ranked among Victory Media's Top 10 Military Friendly® Employers 13 years straight. We embrace a robust veteran workforce and encourage veterans and veteran spouses to apply.
USAA Careers - Award Winning Workplace (17 seconds)
USAA Careers – World Class Benefits (31 seconds)
- Identifies and manages existing and emerging risks that stem from business activities and the job role.
- Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled.
- Follows written risk and compliance policies and procedures for business activities.
- Develops, publishes, maintains and/or interprets highly complex Sensitive Data Security governance (e.g. policies and standards)
- Collaborates with enterprise business operations to resolve Sensitive Data Security governance conflicts and issues.
- Leads in the optimization, execution, and maintenance of repeatable methods and measurements for the Sensitive Data Security and information risk management program.
- Leads, performs, reviews and advises on Sensitive Data Security and Information focused risk assessments of complex projects and new technologies.
- Collaborates on Sensitive Data Security and information risk management strategies with senior executive risk owners on best practices; educates and recommends risk treatment best practices.
- Provides oversight on consulting (advice, guidance and assistance) to the enterprise, focusing on Sensitive Data Security and information risk, to guide the strategic security direction of USAA.
- Responds both verbally and in writing to complex inquiries and new periodic exams from both internal control partners (e.g. legal, compliance, audit, risk) and external control partners (e.g. regulators, external auditors, third parties). Helps optimize and execute methods to improve future inquiry responses.
- Provides oversight and peer-review of data security processes and procedures and responses to business areas and supporting partners (e.g. CLO, risk, audit, etc.)
- Leads and provides guidance to team for identification, development, and testing of Sensitive Data Security and Information controls for risk mitigation effectiveness.
- Maintains expert level knowledge of USAA Sensitive Data Security standards as well as industry Sensitive Data Security best practices, frameworks, laws and regulations.
- Acts as the Subject Matter Expect (SME) on Sensitive Data focused standards, policies, processes and procedures for the enterprise.
- Bachelor's degree.
- 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree.
- 8 years of related experience in Sensitive Data Security, Information Security, Information Assurance, Risk Management, or Audit to include accountability for complex tasks and/or projects.
- 6 years of related experience in conducting risk assessments, recommending risk treatment options and/or developing program governance (e.g. policies and standards).
- Expert level of business acumen in the areas of business operations, risk management, industry practices and emerging trends. Knowledge and demonstrated application of Confidentiality, Integrity and Availability (CIA), Data Management and Least Privilege Principles.
- Knowledge of a wide range of security technologies, such as network security, database security, tokenization platforms, Data Leakage Prevention, Data Leakages
- Protection, Database Monitoring, identity and access management systems.
- Solid understanding of security protocols, application security, cryptography, authentication, authorization and security.
- Extensive knowledge of current IT risks and experience implementing security solutions.
- Knowledge of Archer enterprise governance, risk and compliance Or similar GRC tools.
- Experience with post-breach incident response creation, policies and standards for testing breach incidents; ability to manage the incident from inception to recovery, including the following phases: Plan Preparation, Identification, Containment, Eradication, and Recovery.
- Knowledge of Agile framework
- Knowledge of information security management frameworks (e.g. ISO 2700X, NIST CSF, SANS Top 20 Critical Security Controls)
- Working knowledge of FFIEC and IT Audit principles, as well as information security policy, standard and procedures related to data security
- Experience participating in security audits and managed evidences
- Deep knowledge and experience on Enterprise wide implementation of information/data security scanning tools and protection capabilities (e.g. Tokenization, Encryption, DLP)
- Knowledge of PCI DSS, GLBA, HIPAA, SOX, EUGDPR, CCPA, FFIEC, NYDFS, etc.
- Experience within one or more of the following areas: Information Security, IT Governance, Risk Management and IT Audit
- Experience with development of enterprise level policies/standards/Controls for securing PCI/PII Data
- Experience having supported Enterprise wide rollout of information security tools
- CISSP/CISM/CISA certified
- Experience having participated in enterprise level threat/risk assessments on PCI/PII/PHI data sets
- Experience with communication and change management for Sensitive Data Management
- Strong background in sensitive data controls to protect PCI, PHI, PII and IP data
The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.
At USAA our employees enjoy one of the best benefits packages in the business, including a flexible business casual or casual dress environment, comprehensive medical, dental and vision plans, along with wellness and wealth building programs. Additionally, our career path planning and continuing education will assist you with your professional goals.
USAA also offers a variety of on-site services and conveniences to help you manage your work and personal life, including seven cafeterias, two company stores and three fitness centers.
Relocation assistance is notavailable for this position.
- Information Management Analyst Senior (Remote Work Location Available) San Antonio, Texas | Phoenix, Arizona | Tampa, Florida
- Business Intelligence Analyst I San Antonio, Texas | Phoenix, Arizona | Plano, Texas
- Information Governance Advisor I – Data Governance (Remote Work Location Available) San Antonio, Texas
- Manager Senior Information Governance - Bank San Antonio, Texas | Colorado Springs, Colorado | Tampa, Florida
- Business Intelligence Analyst II - Open to Remote San Antonio, Texas