Sensitive Data Security Advisor Senior (San Antonio or Remote)
Purpose of JobWe are seeking a talented Sensitive Data Security advisor for either our San Antonio Office or Remote work optional.
Collaborates with all levels of USAA management and internal partners to assess data security and align to support the organization goals with Enterprise goals.
Manages and mitigates data security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting, and implementing systems, policies and processes.
Provides data security risk insight and guides management on data security risk issues and serves as an advisor to peers, team members and the enterprise.
Job RequirementsAbout USAAUSAA knows what it means to serve.
We facilitate the financial security of millions of U.
S.
military members and their families.
This singular mission requires a dedication to innovative thinking at every level.
USAA Careers - World Class Benefits (31 seconds) Primary
Responsibilities:
Identifies and manages existing and emerging risks that stem from business activities and the job role.
Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled.
Follows written risk and compliance policies and procedures for business activities.
Develops, publishes, maintains and/or interprets complex Sensitive Data Security governance requirements (e.
g.
policies and standards)Designs, develops, and optimizes repeatable methods and measurements for Sensitive Data Security and information risk management program.
Performs and advises on Sensitive Data Security and information focused risk assessments of complex projects (e.
g.
newly established domain or system with limited to no structure or governance) and new technologies.
Influences Sensitive Data Security and information risk management strategies; educates and consults with risk owners on best practices.
Consults across the enterprise (advice, guidance, and assistance), on Sensitive Data Security risk; guides the strategic security direction of USAA technical projects and other initiatives.
Recommends risk treatment options for technical projects and other initiatives.
Responds both verbally and in writing to moderately complex inquiries and periodic exams from both internal control partners (e.
g.
legal, compliance, audit, risk) and external control partners (e.
g.
regulators, external auditors, third parties).
Ensures process owners identify, develop and test Sensitive Data and Information Security controls for Sensitive Data risk mitigation effectiveness.
Acts as an advisor on Sensitive Data focused standards, policies, processes, and procedures for the enterprise.
Minimum Requirements:
Bachelor's degree (4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree)6 years of related experience in Sensitive Data Security, Information Security, Information Assurance, Risk Management, or Audit to include accountability for complex tasks and/or projects4 years of related experience in conducting risk assessments, recommending risk treatment options and/or developing program governance (e.
g.
policies and standards)Advanced level of business acumen in the areas of business operations, risk management, industry practices and emerging trendsKnowledge and demonstrated application of Confidentiality, Integrity and Availability (CIA), Data Management and Least Privilege PrinciplesKnowledge of a wide range of security technologies, such as network security, database security, tokenization platforms, Data Leakage Prevention, Data Leakage Protection, Database Monitoring, identity and access management systems.
Solid understanding of security protocols, application security, cryptography, authentication, authorization, and securityExtensive knowledge of current IT risks and experience implementing security solutionsKnowledge of Archer enterprise governance, risk, and compliance (or similar GRC tools)Knowledge of post-breach incident response creation, policies, and standards for testing breach incidentsWhen you apply for this position, you will be required to answer some initial questions.
This will take approximately 5 minutes.
Once you begin the questions you will not be able to finish them at a later time and you will not be able to change your responses.
Preferred
Experience:
Knowledge of Agile frameworkKnowledge of information security management frameworks (e.
g.
ISO 2700X, NIST CSF, SANS Top 20 Critical Security Controls)Working knowledge of FFIEC and IT Audit principles, as well as information security policy, standard and procedures related to data securityExperience participating in security audits and managed evidencesDeep knowledge and experience on Enterprise wide implementation of information/data security scanning tools and protection capabilities (e.
g.
Tokenization, Encryption, DLP)Knowledge of PCI DSS, GLBA, HIPAA, SOX, EUGDPR, CCPA, FFIEC, NYDFS, etc.
Experience within one or more of the following areas:
Information Security, IT Governance, Risk Management, and IT AuditExperience with development of enterprise level policies/standards/Controls for securing PCI/PII DataExperience having supported Enterprise wide rollout of information security tools CISSP/CISM/CISA certifiedExperience having participated in enterprise level threat/risk assessments on PCI/PII/PHI data setsExperience with communication and change management for Sensitive Data ManagementStrong background in sensitive data controls to protect PCI, PHI, PII and IP dataThe above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.
Compensation:
USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive.
You are paid within the salary range based on your experience and market position.
The salary range for this position is:
$88,200 - $158,900 (this does not include geographic differential it may be applied based on your work location)Employees may be eligible for pay incentives based on overall corporate and individual performance or at the discretion of the USAA Board of Directors.
Geographical Differential:
Geographic pay differential is additional pay provided to eligible employees working in locations where market pay levels are above the national average.
Shift premium:
will be addressed on an individual basis for applicable roles that are consistently scheduled for non-core hours.
Benefits:
At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness.
These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs.
Additionally, our career path planning and continuing education assists employees with their professional goals.
Please click on the link below for more details.
USAA Total RewardsRelocation assistance is not available for this position.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
Collaborates with all levels of USAA management and internal partners to assess data security and align to support the organization goals with Enterprise goals.
Manages and mitigates data security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting, and implementing systems, policies and processes.
Provides data security risk insight and guides management on data security risk issues and serves as an advisor to peers, team members and the enterprise.
Job RequirementsAbout USAAUSAA knows what it means to serve.
We facilitate the financial security of millions of U.
S.
military members and their families.
This singular mission requires a dedication to innovative thinking at every level.
USAA Careers - World Class Benefits (31 seconds) Primary
Responsibilities:
Identifies and manages existing and emerging risks that stem from business activities and the job role.
Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled.
Follows written risk and compliance policies and procedures for business activities.
Develops, publishes, maintains and/or interprets complex Sensitive Data Security governance requirements (e.
g.
policies and standards)Designs, develops, and optimizes repeatable methods and measurements for Sensitive Data Security and information risk management program.
Performs and advises on Sensitive Data Security and information focused risk assessments of complex projects (e.
g.
newly established domain or system with limited to no structure or governance) and new technologies.
Influences Sensitive Data Security and information risk management strategies; educates and consults with risk owners on best practices.
Consults across the enterprise (advice, guidance, and assistance), on Sensitive Data Security risk; guides the strategic security direction of USAA technical projects and other initiatives.
Recommends risk treatment options for technical projects and other initiatives.
Responds both verbally and in writing to moderately complex inquiries and periodic exams from both internal control partners (e.
g.
legal, compliance, audit, risk) and external control partners (e.
g.
regulators, external auditors, third parties).
Ensures process owners identify, develop and test Sensitive Data and Information Security controls for Sensitive Data risk mitigation effectiveness.
Acts as an advisor on Sensitive Data focused standards, policies, processes, and procedures for the enterprise.
Minimum Requirements:
Bachelor's degree (4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree)6 years of related experience in Sensitive Data Security, Information Security, Information Assurance, Risk Management, or Audit to include accountability for complex tasks and/or projects4 years of related experience in conducting risk assessments, recommending risk treatment options and/or developing program governance (e.
g.
policies and standards)Advanced level of business acumen in the areas of business operations, risk management, industry practices and emerging trendsKnowledge and demonstrated application of Confidentiality, Integrity and Availability (CIA), Data Management and Least Privilege PrinciplesKnowledge of a wide range of security technologies, such as network security, database security, tokenization platforms, Data Leakage Prevention, Data Leakage Protection, Database Monitoring, identity and access management systems.
Solid understanding of security protocols, application security, cryptography, authentication, authorization, and securityExtensive knowledge of current IT risks and experience implementing security solutionsKnowledge of Archer enterprise governance, risk, and compliance (or similar GRC tools)Knowledge of post-breach incident response creation, policies, and standards for testing breach incidentsWhen you apply for this position, you will be required to answer some initial questions.
This will take approximately 5 minutes.
Once you begin the questions you will not be able to finish them at a later time and you will not be able to change your responses.
Preferred
Experience:
Knowledge of Agile frameworkKnowledge of information security management frameworks (e.
g.
ISO 2700X, NIST CSF, SANS Top 20 Critical Security Controls)Working knowledge of FFIEC and IT Audit principles, as well as information security policy, standard and procedures related to data securityExperience participating in security audits and managed evidencesDeep knowledge and experience on Enterprise wide implementation of information/data security scanning tools and protection capabilities (e.
g.
Tokenization, Encryption, DLP)Knowledge of PCI DSS, GLBA, HIPAA, SOX, EUGDPR, CCPA, FFIEC, NYDFS, etc.
Experience within one or more of the following areas:
Information Security, IT Governance, Risk Management, and IT AuditExperience with development of enterprise level policies/standards/Controls for securing PCI/PII DataExperience having supported Enterprise wide rollout of information security tools CISSP/CISM/CISA certifiedExperience having participated in enterprise level threat/risk assessments on PCI/PII/PHI data setsExperience with communication and change management for Sensitive Data ManagementStrong background in sensitive data controls to protect PCI, PHI, PII and IP dataThe above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.
Compensation:
USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive.
You are paid within the salary range based on your experience and market position.
The salary range for this position is:
$88,200 - $158,900 (this does not include geographic differential it may be applied based on your work location)Employees may be eligible for pay incentives based on overall corporate and individual performance or at the discretion of the USAA Board of Directors.
Geographical Differential:
Geographic pay differential is additional pay provided to eligible employees working in locations where market pay levels are above the national average.
Shift premium:
will be addressed on an individual basis for applicable roles that are consistently scheduled for non-core hours.
Benefits:
At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness.
These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs.
Additionally, our career path planning and continuing education assists employees with their professional goals.
Please click on the link below for more details.
USAA Total RewardsRelocation assistance is not available for this position.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
