IT/Info Security Risk Management & Governance Executive - SSDLC RISK jobs in United States

USAA · 7 hours ago

IT/Info Security Risk Management & Governance Executive - SSDLC RISK

USAA is seeking an IT/Info Security Risk Management & Governance Executive who needs to have hands-on expertise in SSDLC - Second Line of Defense. This role involves providing risk management and governance leadership, operational direction, and oversight of various domains to ensure comprehensive risk management across the Enterprise Security Group.

Banking · Financial Services · Insurance · Venture Capital
No H1B

Responsibilities

Responsible for recognizing and reporting Information Technology (IT) and Information Security (IS) strategic and aggregate risks across the business while advancing the Enterprise Risk Management function for aggregation, quantification, and qualification of risks
Sets direction for risk management programs within IT/IS and leads all aspects of the delivery of those programs across the line of business
Provides risk management and governance leadership, operational direction and operational oversight of Information Security, Business Continuity, Data Center Security, AI and Corporate Investigations domains and establishes a best-in-class Risk Management framework for the Enterprise Security Group (ESG) to ensure comprehensive oversight and management of risks across the full risk taxonomy
Ensures risks align within appetite tolerances and strategic goals, product plans, forecasts, and adjusts to variances
Responsible for the aggregation and reporting of risks to senior leadership and effectively assessing and influencing business decisions and direction
Contributes to the long-term strategy of how risk systems should be adapted and integrated to maximize the ability to manage risk in an environment shaped by regulatory change and disruptive, emerging technologies
Ensures effective and appropriate policies, procedures, and controls are in place supporting all risk processes, systems, strategies, and implementations
Establishes trust and rapport with senior business leaders across the enterprise to sustain oversight of the second line risk role
Actively engages line of business leaders to ensure all risks are appropriately addressed consistent with policy and the Risk Appetite
Partners with senior risk executives in managing overall risk appetite to include the identification and definition of key methods, metrics, and limits
Influences and sets strategy for advancement of the risk management framework
Partners across Risk Management, Finance, and the business while effectively challenging variances to plan and strategies to mitigate
Provides advice to other key business partners and drives key decisions assessing risk and reward through effective challenge
Liaises with Compliance and CLO on legal & regulatory considerations that impact business operations and product offerings in accordance with federal and state regulations
Influences sound governance structure for oversight of risks and business operations and interacts & engages with all product & channel leaders on complex, multi-product processes and procedures while factoring in all legal & regulatory requirements
Assists in interactions and briefs on domain of responsibility with regulators from the OCC, FED, FDIC, and CFPB, and prepares Board and Senior Management level reports related to IT/IS risk
Builds and oversees a team of employees (~5 direct reports / 20-30 team size to start) for assigned functional area through ongoing execution of recruiting, development, retention, coaching and support, performance management, and managerial activities

Qualification

SSDLC · Information Security · Risk Management · Regulatory Compliance · AI · Machine Learning · CISSP · CISM · CRISC · FFIEC · NIST 800-53 · Data-Driven Decision Making · Team Leadership · Presentation Skills

Required

10+ years 'hands-on' experience integrating security throughout the Secure Software Development Lifecycle (SSDLC), including component analysis, static and dynamic scanning (SAST/DAST), penetration testing, and comprehensive application security testing across build, deploy, and maintenance phases
10+ years of risk management and regulatory experience in a functional area such as insurance, banking, or financial services (Large size organizations 20k+)
10+ years' experience focused on Information Security, Data, Risk Management, evaluating the design and development of software
Experience with artificial intelligence (AI) and machine learning principles, including responsible AI use case evaluations and deployment
Proven ability to develop high-impact materials and deliver concise, insight-driven presentations to executive leadership, translating complex concepts into actionable recommendations that influence strategic decision-making
Bachelor's degree; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree
10+ years of risk management, regulatory or operations experience in a functional area such as insurance, banking, or financial services with 5+ years of this experience focused on Information Security, Business Continuity, Physical Security or Corporate Investigations
4+ years of people leadership experience in building, managing and/or developing high-performing teams
Industry certification(s) in Information Security (e.g., CISSP, CISM) or Business Continuity (e.g., ABCP, CBCP) or Risk Management (e.g., CRISC) or Physical Security (e.g., CPP)
Demonstrated experience working with and applying Risk, Security or Audit frameworks (FFIEC, COBIT, COSO, ISO 27001/2, NIST 800-53, SSAE16)
Knowledge of applicable laws, rules, and regulations applicable to financial institutions
Experience making data-driven decisions
Experience working with external agencies and regulators
Broad knowledge of information technology systems and general system development principles

Benefits

Comprehensive medical, dental and vision plans
401(k)
Pension
Life insurance
Parental benefits
Adoption assistance
Paid time off program with paid holidays plus 16 paid volunteer hours
Various wellness programs
Career path planning and continuing education

Company

USAA is a financial services company.

Funding

Current Stage
Late Stage

Leadership Team

Julie McPeak
SVP, General Counsel Insurance
Waqas Durrani
Senior Vice President, General Counsel - Enterprise Shared Services
Company data provided by crunchbase