Risk and Compliance Advisor Lead - Information Security

USAA•San Antonio, NC

7d•Hybrid

About The Position

USAA is seeking a Risk and Compliance Advisor Lead – Information Security to provide second-line independent oversight and effective challenge across business products, services, and processes. This role is responsible for ensuring alignment with regulatory requirements and USAA policies and procedures while strengthening the organization’s overall risk and compliance framework. The individual will partner closely with business leaders to deliver thoughtful risk guidance, supporting the identification, assessment, and mitigation of operational, information security, fraud, and data-related risks. This position requires strong business acumen across banking and insurance operations, along with a deep understanding of industry practices, regulatory expectations, and emerging risk trends. The ideal candidate will demonstrate the ability to evaluate processes, risks, and controls; identify and escalate emerging issues; analyze large and complex data sets; and translate insights into clear, actionable recommendations for diverse stakeholders. In addition to technical expertise, this role requires a strong commitment to leadership and talent development, including at least three years of experience leading and mentoring information security or risk professionals. The successful candidate will foster a culture of accountability, continuous improvement, and professional growth while influencing partners across all levels of the organization. With 6+ years of experience in a large financial institution supporting or executing enterprise-wide operational risk programs, the candidate should possess exceptional communication skills and the ability to simplify complex risk concepts into practical business guidance. Professional certifications such as CISSP, CISM, CRISC, or similar information security or risk management credentials are preferred and demonstrate the advanced level of expertise expected for success in this role.

Requirements

Bachelor's degree; OR 4 years of relevant education and/or experience.
8 or more years relevant experience in risk, compliance, legal or audit within the financial services or insurance industry or specialized technical fields directly related to the role.
Risk and compliance management experience in a complex institution and/or highly matrixed environment.
Expert knowledge of compliance laws, regulations, and regulatory expectations.
Demonstrated ability to apply expert knowledge of regulatory risk and compliance to consult and provide insights and guidance.
Demonstrated experience in conflict resolution management and ability to effectively challenge at all levels of management and influence business outcomes.
Experience leading and directing work with internal and external partners in a highly collaborative environment.
Demonstrated critical thinking and knowledge of data analysis tools and techniques and decision-making abilities, to include demonstrated ability to effectively make data-driven decisions.
Proactively identifies potential concerns and resolve issues.
Advanced proficiency with Microsoft Office products including Word, Excel, and PowerPoint.

Nice To Haves

US military experience through military service or a military spouse/domestic partner
6+ years of experience within a large financial institution supporting or executing an enterprise-wide operational risk management program in alignment with regulatory expectations
Strong business acumen across operational risk, banking and insurance operations, and awareness of industry practices and emerging trends
In-depth knowledge of cybersecurity, information security (across multiple domains), fraud risk management, and data risk management
Proven ability to assess processes, risks, and controls; identify emerging risks; analyze large volumes of data; and deliver clear, actionable insights to diverse stakeholders
Excellent written and verbal communication skills, with the ability to convey complex topics in a concise and effective manner
Professional certifications such as CISSP, CISM, CRISC, or similar information security or risk management credentials

Responsibilities

Routinely communicates results of risk assessments to governance committees, business process owners and various levels of leadership and influences decision making.
Develops processes and procedures for successful implementation of new risk policies, practices, appetites, and solutions to ensure holistic understanding and management of risks according to industry best practice.
Identifies and seeks key stakeholders across the enterprise to support the identification, assessment, aggregation and the overall management of risks and controls.
Crafts key communications related to risk and compliance insights to be delivered to executives and board members.
Executes compliance risk management activities in accordance with enterprise compliance standards.
Maintains and expands expert knowledge of the competitive/regulatory landscape and the company's key challenges.
Keeps abreast of the competitive/regulatory landscape and shares expert knowledge w/team members.
Coordinates and responds to regulatory requirements and requests and ensures the execution of examinations.
Applies expert knowledge to utilize or produce analytical material for discussions with cross functional teams to understand business objectives and influence solution strategies.
Leads, assembles, and facilitates cross-functional teams to identify, assess, aggregate, and mitigate current and emerging risk events.
Serves as the point of contact for senior risk leadership on projects and special management requests that often impact the enterprise or core operating area.
Formulates and reviews stress test plans for a line of business or the enterprise.