Serves as a system engineer, anticipates operational inefficiencies and potential information security risks, and drives solutions architecture for large complex systems or networks, with a focus on managing vulnerabilities and reducing risk of system and/or asset compromises.
Leads the design of secure scalable infrastructure across multiple domains and portfolios including the creation and enforcement of the standards for system change across USAA.
Reserves execution for the most complex implementations, influences service delivery and maintenance task automation across multiple domains and drives monitoring and tooling at the portfolio level.
Serves as a trusted advisor and leads cross-functional, matrixed delivery teams across a variety of technical domains to solve highly complex and high value Information Security related business problems and decrease the time to market of critical business decisions that impact the overall security posture and health of USAA.
Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk.
Oversees risk and compliance self-assessments and leads internal and external risk and compliance assessments.
Interfaces with external regulators to represent USAA in discussions regarding their specific information security technical domains.
Collaborates with and influences senior level executive leaders on the most appropriate and feasible approach for managing information security-based risk and compliance issues.
Analyzes and oversees the development of information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security use and operation of information systems.
Owns operational information and cyber security decisions across USAA including identifying, planning, and applying advanced security concepts and principles.
Builds prototypes and proofs of concept to demonstrate feasibility for new, emerging and innovative security technologies, and influences enterprise prioritization for implementation.
Anticipates and translates business and security objectives into achievable controls, including developing and overseeing the technical implementation of those controls.
Leads, mentors and inspires USAA Information Security professionals while raising the security quotient of technology teams, senior leadership, executives and business partners.
Actively seeks opportunities to advance professional development through participation in industry organizations, writing security publications, pursuing educational opportunities, establishing personal networks and participating in professional societies and publications.
Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures.
Requirements
Bachelor’s degree in information security, Information Technology, Computer Science, Information Systems/Management or related field; OR 4 years of related experience may be substituted in lieu of degree.
10 years of related experience in Information Security, Cybersecurity and/or Information Technology in a large organization, major consulting firm or US military.
4 years’ of demonstrated technical leadership and/or leading teams required with deep knowledge in one or more information security domains, e.g.: Identity Protections, Data Protections, Infrastructure Protections, or Monitoring and Response.
Advanced knowledge of emerging and/or evolution of existing security technologies.
Mastery of complex system and environment analysis, design, optimization, and hardening.
Advanced knowledge of Security Platforms (i.e. CrowdStrike, Microsoft Defender, etc), SIEM (Splunk, Elastic, etc), and Incident Response Principles
Deep technical knowledge, expertise and practical application experience required in successfully applying Information Security and/or Cybersecurity theories, techniques and/or technologies to a financial services and/or business operations environment.
Extensive experience in delivering modern security infrastructure solutions to support and enable the organization, this includes support of new applications of technology, and Information Technology business models in support of emerging workforce needs.
Mastery of Information Security and/or Cybersecurity consulting skills to include gathering and synthesizing business and technical requirements and communicating and/or facilitating constructive opportunities to a variety of audience levels and without direct authority.
Exceptional relationship management building skills which include the ability to effectively collaborate, communicate and develop high trust relationships across all levels of an organization, to include senior level executive leaders.
Extensive experience explaining and influencing complex technology decisions to both technical and nontechnical audiences at all levels in the organization and with multi-functional and enterprise teams.
Advanced solutions engineering and troubleshooting skills as well as deep experience with and knowledgeable of secure architectures, engineering, and design principles.
Tech Stack
Cyber Security
Splunk
Benefits
comprehensive medical, dental and vision plans
401(k)
pension
life insurance
parental benefits
adoption assistance
paid time off program with paid holidays plus 16 paid volunteer hours