Cyber Security Operations Business Architect

Why USAA?

Community: Enterprise Information Security Jobs that are part of a community have unique requirements established to maintain consistent application, usage and reporting structure. Please reach out to your HR Business Partner for additional information on specific requirements prior to posting and/or employee placement into this job.

Investigates, analyzes, and responds to security anomalies and events (e.g. suspicious behavior, attacks, and security breaches) within USAA’s environments using a variety of cyber defense tools to detect and respond to threats. Conducts vulnerability, security configuration, and/or penetration testing assessments of systems and networks. Identifies cyber threats, analyzes operational impacts, and communicates to appropriate stakeholders. Stays current with latest information security threats, exploits, trends, and intelligence.

The Opportunity

Tasks:

• Influences and leads efforts across the Information Security department and enterprise as a subject matter expert in their domain.
• Leads research efforts and analysis of the latest information security vulnerabilities, threats, exploits, trends and intelligence. Shares intelligence with the enterprise. Collaborates in the Intelligence community with external organizations.
• Serves as subject matter expert, leads, and improves the vulnerability management, security configuration assessment, and/or penetration testing programs.
• Develops analysts through training and knowledge sharing activities.
• Monitors internal and external networks, systems, and applications for advanced security anomalies and events (e.g. suspicious behavior attacks, and security breaches). Trains analysts in incident detection and response. Leads and improves the incident response program.
• Leads and responds to cyber incidents, performing detailed analysis using complex security tools to determine root cause and impact by using  a broad range of demonstrated experience (e.g. forensics, networking, servers, coding, etc.) to determine a malicious actor's tactics, techniques, and procedures. Acts as leader for cyber incidents.
• May testify as expert witness in court.
• Incorporates discoveries from the incident response process to substantially improve the existing detection capabilities, operational processes, security controls, and overall program.
• Prepares and delivers written and verbal briefs with recommendations to senior leadership and external parties on latest threats, alerts, incidents, and improvements.
• Drives and directs quality work efforts. Serves as the primary resource for cross-functional team members on escalated issues of a unique nature.
• Maintains expert level knowledge of USAA Information Security standards as well as industry information security best practices, frameworks, laws, and regulations.
• Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures.

Minimum Education:

• Bachelor’s degree; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree.

Minimum Experience:

• 8 years of related experience in Information Security, Cybersecurity and/or Information Technology with a security focus to include accountability for complex tasks and/or projects.
• 6 years of related experience in one of the following domains: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security.
• Expert level of business acumen in the areas of business operations, risk management, industry practices and emerging trends.
• Experience performing security reviews to identify gaps, resulting in recommendations for inclusion in risk mitigation strategies.
• Experience investigating potentially malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.

Applications for this position are accepted on an ongoing basis, this posting will remain open until the position is filled. Thus, interested candidates are encouraged to apply the same day they view this posting.

 

USAA is an equal opportunity and affirmative action employer and gives consideration for employment to qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, national origin, age, disability, genetic information, protected veteran status, or any other legally protected characteristic.