Purpose of JobWe are currently seeking talented Information Security Advisor Senior for our San Antonio, TX facility.
Provides thought leadership while managing multiple initiatives. Collaborates with all levels of USAA management and internal partners to assess Information Security and align to support the organization goals with Enterprise goals. Manages and mitigates Information Security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting and implementing systems, policies and processes. Provides Information Security risk insight and guides management on Information Security risk issues and serves as advisor to peers, team members and the enterprise. Works under minimal supervision on complex work assignments and recommends appropriate solutions and problem resolution.
- Provides advice, guidance, and assistance to executive leadership. Creates, implements, and socializes new information security policy and standards to the enterprise.
- Provides specialist advice and assistance in the interpretation of information security policy and standards.
- Performs physical site assessments of business partners and provides peer review of work product and deliverables from site assessments. Performs release of information to third party business partners and identifies alternative methods for releasing information when applicable.
- Ensures that internally developed and commercially available business applications include adequate security controls.
- Designs, develops, delivers or oversees the delivery of classroom or computer based training regarding information security practices.
- Acts as a technical advisor for a variety of ad-hoc information security projects. May provide audit support.
- Bachelor's degree or 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree.
- 6 or more years of relevant work experience.
- Advanced knowledge of relevant technical discipline.
*Qualifications may warrant placement in a different job level.*
When you apply for this position, you will be required to answer some initial questions. This will take approximately 5 minutes. Once you begin the questions you will not be able to finish them at a later time and you will not be able to change your responses.
- Team oriented innovative thinker who is a self-starter and drives change.
- Experience with Third Party Risk Management and assessments/audits within the Information Security domain.
- Working knowledge of NIST Cyber security Framework.
- Experience working with RSA Archer Governance Risk and Compliance (GRC) tool.
- Experience in financial sector regulatory requirements and sensitive data controls to protect PCI, PHI, PII and IP data
- Working knowledge of database tools, scripting languages: PowerShell, XML, HTML, ASPX, VB, VBA and/or SQL.
- INFOSEC certification to include one or more of the following CISSP/CEH/CISA/CRISC/CCSA/CTPRP
- Ability to Travel up to 40%
The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.
At USAA our employees enjoy one of the best benefits packages in the business, including a flexible business casual or casual dress environment, comprehensive medical, dental and vision plans, along with wellness and wealth building programs. Additionally, our career path planning and continuing education will assist you with your professional goals.
USAA also offers a variety of on-site services and conveniences to help you manage your work and personal life, including seven cafeterias, two company stores and three fitness centers.
Relocation assistance is available for this position.
For Internal Candidates:
Must complete 12 months in current position (from date of hire or date of placement), or must have manager s approval prior to posting.
Last day for internal candidates to apply to the opening is 09/12/18 by 11:59 pm CST time.
Associated topics: cybersecurity, identity, iam, information assurance, information technology security, phish, security analyst, security engineer, threat, vulnerability