Lead Sensitive Data Security Advisor
Posted on: October 18, 2020
Purpose of JobWe are currently seeking a talented Lead Sensitive
Data Security Advisor for one of the following locations: Remote,
San Antonio Home Office I or Phoenix Campus.
The candidate selected for this position is responsible for leading
and aligning the SDM Strategy with USAA strategic objectives to
protect sensitive data and promoting compliance with applicable
laws, rules, and regulations.
Develops strategies and data security plans. Provides thought
leadership while managing multiple large-scale initiatives.
Collaborates with all levels of USAA management and internal
partners to assess data security and align to support the
organization goals with Enterprise goals. Leads data security risk
by identifying, evaluating, assessing, designing, monitoring,
administering, reporting and implementing systems, policies and
processes. Advises various levels of senior management on data
security risk management issues and serves as the primary resource
for cross-functional team members on escalated issues of a unique
nature. Works under minimal supervision on complex and unique work
assignments and recommends appropriate solutions and problem
resolution.Job RequirementsAbout USAAUSAA knows what it means to
serve. We facilitate the financial security of millions of U.S.
military members and their families. This singular mission requires
a dedication to innovative thinking at every level.In each of the
past five years, we've been a top-40 Fortune 100 Best Companies to
Work For , and we've ranked among Victory Media's Top 10 Military
Friendly Employers 13 years straight. We embrace a robust veteran
workforce and encourage veterans and veteran spouses to apply. (17
seconds) (31 seconds)
- Leads technical thought leadership to guide the strategic
direction to executive management focusing on data security risk of
USAA development projects, departmental initiatives and other
- Provides advanced advice and acts as a data security subject
matter expert liaison between the company and staff agencies
through formal and ad-hoc inquiries.
- Provides governance and leads identifying, analyzing and
initiating changes in the data security policies, guidelines and
standards including advising company and staff agencies in support
of developing and managing the data security awareness program.
Provides peer review of work product and deliverables.
- Develops, publishes, maintains and interprets highly complex
data security governance (e.g. policies, principles, standards)
that define Information Security requirements.
- Resolves conflicts with the governance.
- Leads in the optimization, execution, and maintenance of a
program of repeatable methods and measurements for data security
- Collaborates on data security risk management strategies and
approaches and educates and consults with senior executive risk
owners on best practices.
- Provides oversight on consulting (advice, guidance and
assistance) to the enterprise, focusing on data security risk, to
guide the strategic security direction of USAA. Reviews
requirements, recommendations, and risk mitigation effectiveness
- Responds both verbally and in writing to complex inquiries and
new periodic exams from both internal control partners (e.g. legal,
compliance, audit, risk) and external control
- partners (e.g. regulators, external auditors, third parties).
Helps optimize and execute methods to improve future inquiry
responses. Provides oversight and peer-review of responses.Minimum
- Bachelor's degree required.
- 4 additional years of related experience beyond the minimum
required may be substituted in lieu of a degree.Minimum Experience:
- 8 or more years of work experience in Information Technology or
related discipline required to include experience facilitating risk
assessment sessions with all levels of management and executive
- Subject-matter-expert knowledge of risk, control, budgets,
process and loss costing, and relevant industry data sources,
standards, data analysis tools and techniques (e.g. Archer,
MetricStream, BWise).*Qualifications may warrant placement in a
different job level*When you apply for this position, you will be
required to answer some initial questions. This will take
approximately 5 minutes. Once you begin the questions you will not
be able to finish them at a later time and you will not able to
change your responses.Preferred Qualifications
- Knowledge of Agile framework
- Knowledge of information security management frameworks (e.g.
ISO 2700X, NIST CSF, SANS Top 20 Critical Security Controls)
- Working knowledge of FFIEC and IT Audit principles, as well as
information security policy, standard and procedures related to
- Experience participating in security audits and managed
- Deep knowledge and experience on Enterprise wide implementation
of information/data security scanning tools and protection
capabilities (e.g. Tokenization, Encryption, DLP)
- Knowledge of PCI DSS, GLBA, HIPAA, SOX, EUGDPR, CCPA, FFIEC,
- Experience within one or more of the following areas:
Information Security, IT Governance, Risk Management and IT
- Experience with development of enterprise level
policies/standards/Controls for securing PCI/PII Data
- Experience having supported Enterprise wide rollout of
information security tools
- CISSP/CISM/CISA certified
- Experience having participated in enterprise level threat/risk
assessments on PCI/PII/PHI data sets
- Experience with communication and change management for
Sensitive Data Management
- Strong background in sensitive data controls to protect PCI,
PHI, PII and IP dataThe above description reflects the details
considered necessary to describe the principal functions of the job
and should not be construed as a detailed description of all the
work requirements that may be performed in the job.At USAA our
employees enjoy one of the best benefits packages in the business,
including a flexible business casual or casual dress environment,
comprehensive medical, dental and vision plans, along with wellness
and wealth building programs. Additionally, our career path
planning and continuing education will assist you with your
professional goals.Relocation assistance is not available for this
position.For Internal Candidates:Must complete 12 months in current
position (from date of hire or date of placement) or must have
manager s approval prior to posting.Last day for internal
candidates to apply to the opening is 9/09/20 by 11:59 pm CST
Keywords: USAA, Scottsdale , Lead Sensitive Data Security Advisor, Accounting, Auditing , Scottsdale, Arizona
Didn't find what you're looking for? Search again!