Purpose of Job
We are currently seeking a talented Public Cloud Information
Security Advisor for the San Antonio Home Office I, Phoenix or 100
% Remote Work Environment.
Provides information assurance capabilities through technical
consultation and guidance to the business for the interpretation
and assessment of information security risk for projects,
technologies, and environments. Aims to identify and manage
existing and emerging risks and integrate risk management
strategies and educate risk owners across the enterprise on
information security requirements and best practices. Ensures risks
associated with business activities are effectively identified,
measured, monitored and controlled and administers, and implements
systems, policies and processes which serve to enhance the
mitigation, reporting, and analysis of Information Security risk.
Stays current on the latest Information Security risks.
About USAA USAA knows what it means to serve. We facilitate the
financial security of millions of U.S. military members and their
families. This singular mission requires a dedication to innovative
thinking at every level.
In each of the past five years, we've been a top-40 Fortune 100
Best Companies to Work For, and we've ranked among Victory Media's
Top 10 Military Friendly Employers 13 years straight. We embrace a
robust veteran workforce and encourage veterans and veteran spouses
USAA Careers - Award Winning Workplace
(https://www.youtube.com/watch?v=lcGKT_Nxdgc) (17 seconds) USAA
Careers World Class Benefits
(https://www.youtube.com/watch?v=APwPQizcENY) (31 seconds)
* Develops, publishes, maintains and/or interprets highly
complex Information Security governance requirements (e.g. policies
and standards). * Collaborates with business operations to resolve
Information Security governance conflicts. * Leads in the
optimization, execution, and maintenance of repeatable methods and
measurements for the Information Security risk management program.
* Leads, performs and reviews security risk assessments of complex
projects, new technologies, business partners and third parties. *
Collaborates on Information Security risk management strategies
with senior executive risk owners; educates and recommends risk
treatment best practices. * Provides oversight on consulting
(advice, guidance and assistance) to the enterprise, focusing on
Information Security risk, to guide the strategic security
direction of USAA. * Responds both verbally and in writing to
complex inquiries and periodic exams from both internal control
partners (e.g. legal, compliance, audit, risk) and external control
partners (e.g. regulators, external auditors, third-parties). Helps
optimize and execute methods to improve future inquiry responses.
Provides oversight and peer-review of responses. * Leads and
provides guidance to team for identification, development, and
testing of Information Security controls for risk mitigation
effectiveness. * Maintains expert level knowledge of USAA
Information Security standards as well as industry information
security best practices, frameworks, laws and regulations. *
Follows written risk and compliance policies and procedures for
* Bachelors Degree, OR, 4 additional years of related experience
beyond the minimum required may be substituted in lieu of a
* 8 or more years of related experience in Information Security,
Information Assurance, Risk Management, Audit and/or Information
Technology to include accountability for complex tasks and/or
projects. * 6 or more years of related experience in conducting
risk assessments, recommending risk treatment options and/or
developing program governance (e.g. policies and standards). *
Expert level of business acumen in the areas of business
operations, risk management, industry practices and emerging
*Qualifications may warrant placement in a different job
When you apply for this position, you will be required to answer
some initial questions. This will take approximately 5 minutes.
Once you begin the questions you will not be able to finish them at
a later time and you will not able to change your responses.
* Experience securing application and information assets in a
major public cloud provider such as AWS, Azure, and/or Google Cloud
Platform preferred. * Experience leveraging industry standard risk
and controls frameworks such as NIST CSF or NIST 800-53 to build a
comprehensive information security risk management program *
Possess one or more of the following certifications: CISSP, CCSP,
AWS associate level certification, AWS security certification,
Google Certified Professional Cloud Security Engineer, CRISC
The above description reflects the details considered necessary
to describe the principal functions of the job and should not be
construed as a detailed description of all the work requirements
that may be performed in the job.
At USAA our employees enjoy one of the best benefits package in
the business, including a flexible business casual or casual dress
environment, comprehensive medical, dental and vision plans, along
with wellness and wealth building programs. Additionally, our
career path planning and continuing education will assist you with
your professional goals.
Relocation assistance is not available for this position.
For Internal Candidates: Must complete 12 months in current
position (from date of hire or date of placement), or must have
managers approval prior to posting.
Last day for internal candidates to apply to the opening is
10/15/20 by 11:59 pm CST time .