USAA · 2 days ago
IT/IS Risk Management & Governance Executive
USAA is a financial services company dedicated to empowering the military community and their families. They are seeking an IT/IS Risk Management & Governance Executive to oversee and report on IT and IS strategic risks, while leading risk management programs across the organization. The role involves establishing a Risk Management framework and ensuring alignment with strategic goals and regulatory requirements.
Banking, Financial Services, Insurance, Venture Capital
Responsibilities
Recognizes and reports IT and IS strategic and aggregate risks across the business while advancing the Enterprise Risk Management function
Sets direction for risk management programs within IT and IS and leads all aspects of the delivery of those programs across the line of business
Provides risk management and governance leadership, operational direction and operational oversight of Information Security, Business Continuity, Data Center Security, AI and Corporate Investigations domains and establishes a best-in-class Risk Management framework for the Enterprise Security Group (ESG)
Ensures risks align within appetite tolerances and with strategic goals, product plans, and forecasts, and adjusts to variances
Responsible for the aggregation and reporting of risks to senior leadership and effectively assessing and influencing business decisions and direction
Contributes to the long-term strategy of how risk systems should be adapted and integrated to improve the ability to handle risk in an environment built by regulatory change and pioneering, new technologies
Ensures effective and appropriate policies, procedures, and controls are in place supporting all risk processes, systems, strategies, and implementations
Establishes trust and rapport with senior business leaders across the enterprise to sustain oversight of the second line risk role
Partners with senior risk executives in leading overall risk appetite to include the identification and definition of key methods, metrics, and limits
Influences and sets strategy for advancement of the risk management framework
Partners across Risk Management, Finance, and the business while effectively challenging variances to plan and strategies to mitigate
Provides advice to other key business partners and drives key decisions assessing risk and reward through effective challenge
Liaises with Compliance and CLO on legal & regulatory considerations that impact business operations and product offerings in accordance with federal and state regulations
Influences sound governance structure for oversight of risks and business operations and interacts & engages with all product & channel leaders on complex, multi-product processes and procedures while factoring in all legal & regulatory requirements
Assists in interactions and briefs on domain of responsibility with regulators from the OCC, FED, FDIC, and CFPB, and prepares Board and Senior Management level reports related to IT/IS risk
Builds and leads all aspects of a team of employees for assigned functional area through ongoing execution of recruiting, development, retention, mentor and support, performance management, and managerial activities
Qualification
Required
Bachelor's degree; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree
10+ years of risk management, regulatory or operations experience in a functional area such as insurance, banking, or financial services with 5+ years of this experience focused on Information Security, Business Continuity, Physical Security or Corporate Investigations
4+ years of people leadership experience in building, leading and/or developing high-performing teams
Industry certification(s) in Information Security (e.g., CISSP, CISM) or Business Continuity (e.g., ABCP, CBCP) or Risk Management (e.g., CRISC) or Physical Security (e.g., CPP)
Proven experience working with and applying Risk, Security or Audit frameworks (FFIEC, COBIT, COSO, ISO 27001/2, NIST 800-53, SSAE16)
Knowledge of applicable laws, rules, and regulations applicable to financial institutions
Experience making data-driven decisions
Experience working with external agencies and regulators
Broad knowledge of information technology systems and general system development principles
Preferred
7+ years of risk management, regulatory or operations experience in a functional area such as insurance, banking, or financial services
10+ years of experience focused on Information Security, Data, Risk Management, evaluating the design and development of software
3+ years of experience with artificial intelligence (AI) and machine learning principles, including responsible AI use case evaluations and deployment
10+ years hands-on experience integrating security throughout the Software Development Lifecycle (SDLC), including component analysis, static and dynamic scanning (SAST/DAST), penetration testing, and comprehensive application security testing across build, deploy, and maintenance phases
Proven ability to develop high-impact materials and deliver concise, insight-driven presentations to executive leadership, translating complex concepts into actionable recommendations that influence strategic decision-making
Benefits
Comprehensive medical, dental and vision plans
401(k)
Pension
Life insurance
Parental benefits
Adoption assistance
Paid time off program with paid holidays plus 16 paid volunteer hours
Various wellness programs
Career path planning and continuing education
Company
USAA
USAA is a financial services company.
Funding
Current Stage
Late Stage
Leadership Team
Company data provided by crunchbase