WHY USAA?

At USAA, our mission is to empower our members to achieve financial security through highly competitive products, exceptional service and trusted advice. We seek to be the #1 choice for the military community and their families.
Embrace a fulfilling career at USAA, where our core values – honesty, integrity, loyalty and service – define how we treat each other and our members. Be part of what truly makes us special and impactful.

• Develop and execute the bank’s first line IT risk strategy aligned with Association risk and regulatory frameworks.
• Design and implement FSB IT risk governance structures, policies, and procedures.
• Serve as a key advisor to the FSB CIO and executive leadership on IT risk matters.
• Lead risk assessments for new technologies, systems, and major IT initiatives.
• Ensure continuous monitoring and reporting of IT risk metrics and key risk indicators (KRIs).
• Oversee identification, assessment, and mitigation of risks related to technology operations and monitoring, technology architecture and systems limitations and/or design and development.
• Monitor and implement relevant laws and regulations, including applicable regulatory guidance (e.g., GDPR, CCPA, GLBA, NYDFS 23 NYCRR 500, FFIEC).
• Align technology practices with industry standards (e.g., NIST, ISO 27001).
• Develop and manage ongoing oversight of affiliate agreements for IT services, ensuring FSB compliance and risk ownership.
• Conduct due diligence on affiliates and monitor performance and compliance with advertising laws, data privacy, and brand guidelines.
• Establish clear expectations, deliverables, and compliance requirements within affiliate agreements.
• Review affiliate programs and respond to incidents of non-compliance or brand abuse.
• Report on affiliate risk posture and mitigation efforts to senior leadership.
• Lead incident and issue management processes for FSB impacting technology issues, ensuring rapid triage, root cause analysis, and remediation.
• Support Control testing and Conduct risk assessments to evaluate effectiveness of operational and technical controls.
• Support Risk and Control Self-Assessments (RCSA) and identify gaps in technology and data management processes.
• Partner with risk leadership to integrate risk identification, assessment, and mitigation across FSB impacting technologies. Present IT and affiliate risk posture, trends, and mitigation strategies to the Board, regulators, and senior executives.
• Build strong relationships with business units, second line risk teams, audit, and external regulators.
• Provide concise risk reporting and updates to senior leadership.
• Build and lead a high-performing IT risk team, fostering a culture of accountability, innovation, and continuous improvement.
• Provide mentorship and development opportunities to team members.
• Lead risk workshops and training sessions to promote a risk-aware culture across the organization.