USAA · 1 day ago
IT/Info Security Risk Management & Governance Executive - SSDLC RISK
USAA is seeking an IT/Info Security Risk Management & Governance Executive who will serve as a key advisor responsible for recognizing and reporting IT and Information Security strategic risks. This role involves providing leadership in risk management and governance while establishing a comprehensive Risk Management framework for the Enterprise Security Group.
Banking, Financial Services, Insurance, Venture Capital
Responsibilities
Recognizing and reporting Information Technology (IT) and Information Security (IS) strategic and aggregate risks across the business
Advancing the Enterprise Risk Management function for aggregation, quantification, and qualification of risks
Setting direction for risk management programs within IT/IS and leading all aspects of the delivery of those programs across the line of business
Providing risk management and governance leadership, operational direction and operational oversight of Information Security, Business Continuity, Data Center Security, AI and Corporate Investigations domains
Establishing trust and rapport with senior business leaders across the enterprise to sustain oversight of the second line risk role
Actively engaging line of business leaders to ensure all risks are appropriately addressed consistent with policy and the Risk Appetite
Partnering with senior risk executives in managing overall risk appetite to include the identification and definition of key methods, metrics, and limits
Influencing and setting strategy for advancement of the risk management framework
Partnering across Risk Management, Finance, and the business while effectively challenging variances to plan and strategies to mitigate
Providing advice to other key business partners and driving key decisions assessing risk and reward through effective challenge
Liaising with Compliance and CLO on legal & regulatory considerations that impact business operations and product offerings in accordance with federal and state regulations
Influencing sound governance structure for oversight of risks and business operations and interacting & engaging with all product & channel leaders on complex, multi-product processes and procedures while factoring in all legal & regulatory requirements
Assisting in interactions and briefs on domain of responsibility with regulators from the OCC, FED, FDIC, and CFPB as well as preparing Board and Senior Management level reports related to IT/IS risk
Building and overseeing a team of employees (~5 direct reports / 20-30 team size to start) for assigned functional area through ongoing execution of recruiting, development, retention, coaching and support, performance management, and managerial activities
Qualification
Required
Bachelor's degree; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree
10+ years of risk management, regulatory or operations experience in a functional area such as insurance, banking, or financial services with 5+ years of this experience focused on Information Security, Business Continuity, Physical Security or Corporate Investigations
4+ years of people leadership experience in building, managing and/or developing high-performing teams
Industry certification(s) in Information Security (e.g., CISSP, CISM) or Business Continuity (e.g., ABCP, CBCP) or Risk Management (e.g., CRISC) or Physical Security (e.g., CPP)
Demonstrated experience working with and applying Risk, Security or Audit frameworks (FFIEC, COBIT, COSO, ISO 27001/2, NIST 800-53, SSAE16)
Knowledge of applicable laws, rules, and regulations applicable to financial institutions
Experience making data-driven decisions
Experience working with external agencies and regulators
Broad knowledge of information technology systems and general system development principles
Preferred
7+ years of risk management and regulatory experience in a functional area such as insurance, banking, or financial services (Large size organizations 20k+)
10+ years' experience focused on Information Security, Data, Risk Management, evaluating the design and development of software
Experience with artificial intelligence (AI) and machine learning principles, including responsible AI use case evaluations and deployment
10+ years 'hands-on' experience integrating security throughout the Secure Software Development Lifecycle (SSDLC), including component analysis, static and dynamic scanning (SAST/DAST), penetration testing, and comprehensive application security testing across build, deploy, and maintenance phases
Proven ability to develop high-impact materials and deliver concise, insight-driven presentations to executive leadership, translating complex concepts into actionable recommendations that influence strategic decision-making
Benefits
Comprehensive medical, dental and vision plans
401(k)
Pension
Life insurance
Parental benefits
Adoption assistance
Paid time off program with paid holidays plus 16 paid volunteer hours
Various wellness programs
Career path planning and continuing education
Company
USAA
USAA is a financial services company.
Funding
Current Stage
Late Stage