Public Cloud Information Security Advisor

Company: USAA
Location: Scottsdale
Posted on: October 12, 2020

Job Description:

Purpose of Job

We are currently seeking a talented Public Cloud Information Security Advisor for the San Antonio Home Office I, Phoenix or 100 % Remote Work Environment.

Provides information assurance capabilities through technical consultation and guidance to the business for the interpretation and assessment of information security risk for projects, technologies, and environments. Aims to identify and manage existing and emerging risks and integrate risk management strategies and educate risk owners across the enterprise on information security requirements and best practices. Ensures risks associated with business activities are effectively identified, measured, monitored and controlled and administers, and implements systems, policies and processes which serve to enhance the mitigation, reporting, and analysis of Information Security risk. Stays current on the latest Information Security risks.

Job Requirements

About USAA USAA knows what it means to serve. We facilitate the financial security of millions of U.S. military members and their families. This singular mission requires a dedication to innovative thinking at every level.

In each of the past five years, we've been a top-40 Fortune 100 Best Companies to Work For, and we've ranked among Victory Media's Top 10 Military Friendly Employers 13 years straight. We embrace a robust veteran workforce and encourage veterans and veteran spouses to apply.

USAA Careers - Award Winning Workplace (https://www.youtube.com/watch?v=lcGKT_Nxdgc) (17 seconds) USAA Careers World Class Benefits (https://www.youtube.com/watch?v=APwPQizcENY) (31 seconds)

* Develops, publishes, maintains and/or interprets highly complex Information Security governance requirements (e.g. policies and standards). * Collaborates with business operations to resolve Information Security governance conflicts. * Leads in the optimization, execution, and maintenance of repeatable methods and measurements for the Information Security risk management program. * Leads, performs and reviews security risk assessments of complex projects, new technologies, business partners and third parties. * Collaborates on Information Security risk management strategies with senior executive risk owners; educates and recommends risk treatment best practices. * Provides oversight on consulting (advice, guidance and assistance) to the enterprise, focusing on Information Security risk, to guide the strategic security direction of USAA. * Responds both verbally and in writing to complex inquiries and periodic exams from both internal control partners (e.g. legal, compliance, audit, risk) and external control partners (e.g. regulators, external auditors, third-parties). Helps optimize and execute methods to improve future inquiry responses. Provides oversight and peer-review of responses. * Leads and provides guidance to team for identification, development, and testing of Information Security controls for risk mitigation effectiveness. * Maintains expert level knowledge of USAA Information Security standards as well as industry information security best practices, frameworks, laws and regulations. * Follows written risk and compliance policies and procedures for business activities.

Minimum Education:

* Bachelors Degree, OR, 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree.

Minimum Experience:

* 8 or more years of related experience in Information Security, Information Assurance, Risk Management, Audit and/or Information Technology to include accountability for complex tasks and/or projects. * 6 or more years of related experience in conducting risk assessments, recommending risk treatment options and/or developing program governance (e.g. policies and standards). * Expert level of business acumen in the areas of business operations, risk management, industry practices and emerging trends.

*Qualifications may warrant placement in a different job level*

When you apply for this position, you will be required to answer some initial questions. This will take approximately 5 minutes. Once you begin the questions you will not be able to finish them at a later time and you will not able to change your responses.

Preferred:

* Experience securing application and information assets in a major public cloud provider such as AWS, Azure, and/or Google Cloud Platform preferred. * Experience leveraging industry standard risk and controls frameworks such as NIST CSF or NIST 800-53 to build a comprehensive information security risk management program * Possess one or more of the following certifications: CISSP, CCSP, AWS associate level certification, AWS security certification, Google Certified Professional Cloud Security Engineer, CRISC

The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.

At USAA our employees enjoy one of the best benefits package in the business, including a flexible business casual or casual dress environment, comprehensive medical, dental and vision plans, along with wellness and wealth building programs. Additionally, our career path planning and continuing education will assist you with your professional goals.

Relocation assistance is not available for this position.

For Internal Candidates: Must complete 12 months in current position (from date of hire or date of placement), or must have managers approval prior to posting.

Last day for internal candidates to apply to the opening is 10/15/20 by 11:59 pm CST time .

Keywords: USAA, Scottsdale , Public Cloud Information Security Advisor, Other , Scottsdale, Arizona