SSDLC IT/IS Risk Management & Governance Executive - Charlotte jobs in United States

USAA · 5 months ago

SSDLC IT/IS Risk Management & Governance Executive - Charlotte

USAA is committed to empowering its members to achieve financial security and is seeking an IT/Info Security Risk Management & Governance Executive to lead risk management programs within IT/IS. The successful candidate will be responsible for recognizing and reporting IT and IS strategic risks and ensuring comprehensive oversight and management of risks across the organization.

Banking, Financial Services, Insurance, Venture Capital
No H1B

Responsibilities

Recognizing and reporting Information Technology (IT) and Information Security (IS) strategic and aggregate risks across the business
Advancing the Enterprise Risk Management function for aggregation, quantification, and qualification of risks
Setting direction for risk management programs within IT/IS and leading all aspects of the delivery of those programs across the line of business
Providing risk management and governance leadership, operational direction and operational oversight of Information Security, Business Continuity, Data Center Security, AI and Corporate Investigations domains
Establishing a best-in-class Risk Management framework for the Enterprise Security Group (ESG)
Ensuring risks align within appetite tolerances and strategic goals, product plans, forecasts, and adjusting to variances
Aggregating and reporting of risks to senior leadership and effectively assessing and influencing business decisions and direction
Contributing to the long-term strategy of how risk systems should be adapted and integrated to maximize the ability to manage risk
Ensuring effective and appropriate policies, procedures, and controls are in place supporting all risk processes, systems, strategies, and implementations
Establishing trust and rapport with senior business leaders across the enterprise to sustain oversight of the second line risk role
Actively engaging line of business leaders to ensure all risks are appropriately addressed consistent with policy and the Risk Appetite
Partnering with senior risk executives in managing overall risk appetite to include the identification and definition of key methods, metrics, and limits
Influencing and setting strategy for advancement of the risk management framework
Partnering across Risk Management, Finance, and the business while effectively challenging variances to plan and strategies to mitigate
Providing advice to other key business partners and driving key decisions assessing risk and reward through effective challenge
Liaising with Compliance and CLO on legal & regulatory considerations that impact business operations and product offerings
Assisting in interactions and briefs on domain of responsibility with regulators from the OCC, FED, FDIC, and CFPB
Preparing Board and Senior Management level reports related to IT/IS risk
Building and overseeing a team of employees for assigned functional area through ongoing execution of recruiting, development, retention, coaching and support, performance management, and managerial activities

Qualification

SSDLC, Information Security, Risk Management, CISSP, CISM, CRISC, FFIEC, NIST 800-53, AI, Data-Driven Decisions, Team Leadership, Presentation Skills

Required

Bachelor's degree; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree
10+ years of risk management, regulatory or operations experience in a functional area such as insurance, banking, or financial services with 5+ years of this experience focused on Information Security, Business Continuity, Physical Security or Corporate Investigations
4+ years of people leadership experience in building, managing and/or developing high-performing teams
Industry certification(s) in Information Security (e.g., CISSP, CISM) or Business Continuity (e.g., ABCP, CBCP) or Risk Management (e.g., CRISC) or Physical Security (e.g., CPP)
Demonstrated experience working with and applying Risk, Security or Audit frameworks (FFIEC, COBIT, COSO, ISO 27001/2, NIST 800-53, SSAE16)
Knowledge of laws, rules, and regulations applicable to financial institutions
Experience making data-driven decisions
Experience working with external agencies and regulators
Broad knowledge of information technology systems and general system development principles

Preferred

7+ years of risk management and regulatory experience in a functional area such as insurance, banking, or financial services (Large size organizations 20k+)
10+ years experience focused on Information Security, Data, Risk Management, evaluating the design and development of software
Experience with artificial intelligence (AI) and machine learning principles, including responsible AI use case evaluations and deployment
10+ years 'hands-on' experience integrating security throughout the Secure Software Development Lifecycle (SSDLC), including component analysis, static and dynamic scanning (SAST/DAST), penetration testing, and comprehensive application security testing across build, deploy, and maintenance phases
Proven ability to develop high-impact materials and deliver concise, insight-driven presentations to executive leadership, translating complex concepts into actionable recommendations that influence strategic decision-making

Benefits

Comprehensive medical, dental and vision plans
401(k)
Pension
Life insurance
Parental benefits
Adoption assistance
Paid time off program with paid holidays plus 16 paid volunteer hours
Various wellness programs
Career path planning and continuing education

Company

USAA is a financial services company.

Funding

Current Stage
Late Stage

Leadership Team

Julie McPeak
SVP, General Counsel Insurance
Waqas Durrani
Senior Vice President, General Counsel - Enterprise Shared Services
Company data provided by crunchbase