Why USAA?
Let’s do something that really matters.
At USAA, we have an important mission: facilitating the financial security of millions of U.S. military members and their families. Not all of our employees served in our nation’s military, but we all share in the mission to give back to those who did. We’re working as one to build a great experience and make a real impact for our members.
We believe in our core values of honesty, integrity, loyalty and service. They’re what guides everything we do – from how we treat our members to how we treat each other. Come be a part of what makes us so special!
The Opportunity
Our dedicated Audit Manager - Cybersecurity, leads and executes complex technology and information/cyber security (IT/IS) audit engagements throughout the audit lifecycle, to include understanding of horizontal and vertical business impacts, integrating audits with IT, analytics, and projects and reviewing work papers. Creates and independently performs complex work assignments and problem resolution in support of risk-based assurance and advisory IT/IS engagements. Leverages results from engagements and continuous monitoring activities to assist Audit Leadership in updating risk assessments. Adheres to the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing (Standards) and Code of Ethics.
We offer a flexible work environment that requires an individual to be in the office 4 days per week. This position can be based in one of the following locations: San Antonio, TX; Plano, TX; Tampa FL or Charlotte, NC. Relocation assistance is not available for this position.
What you'll do:
Primarily serves as Auditor-in-Charge (AIC) and main point of contact for the business through IT/IS Audit engagements.
Leads and executes complex IT/IS audit engagements throughout the audit lifecycle and leads continuous monitoring and advisory activities, special reviews, and investigations.
Manages day to day engagement-related efforts and assignments of Audit team members with varying degrees of expertise and experience when conducting engagements as the Auditor-in-Charge (AIC).
Develops and independently updates IT/IS risk and control matrix at the engagement level for each engagement.
Performs detailed review of work by team members; providing feedback/questions and completes audit team end of engagement evaluations when applicable.
Ensures engagements are completed objectively, professionally, and in accordance with corporate and industry audit standards. Makes recommendations for severity ratings to Senior IT Audit Manager and Director.
Identifies control weaknesses and opportunities for improvement in the current operating environment and provides recommendations for corrective action; drafts the related audit issues and audit reports for issuance to respective client leadership.
Communicates effectively with the business/clients and delivers risk-based and difficult messages regarding issues and control weaknesses to ensure proper risk assurance coverage.
Provides day to day coaching guidance and on the job training to team members to ensure development, quality, and timely audit engagement deliverables.
What you have:
Bachelor’s degree; four additional years of related experience beyond minimum required may be substituted in lieu of a degree.
6 years of audit or controls experience in a financial services or technology/information security environment.
2 years audit experience in the technology and/or information security (IT/IS) areas.
Experience performing internal audits, external audits, or applying audit, risk, or compliance acumen in a complex operational and regulatory environment.
Working knowledge of IT/IS controls in areas to include Technology infrastructure management and platforms (e.g., mainframe, midrange, distributed), Network architecture and security (e.g., network segmentation, firewalls, proxies, encryption protocols, endpoint protection).
Knowledge of internal audit principles to examine, analyze, assess, and draw conclusions from audit work and present findings to multiple audiences.
Demonstrated experience effectively communicating and challenging IT/IS Controls with business partners and leaders.
Understanding of IT/IS risks and internal controls and the ability to evaluate and determine adequacy and efficiency of controls.
Experience mentoring and providing feedback to team members.
Demonstrated experience in highly dynamic environment and ability to deal with competing priorities.
Knowledge of specific industry frameworks and standards to include COBIT, NIST 800-53, NIST CSF, CRI Profile, OWASP, STIGs, CIS Benchmarks, ISO 27001/2, SOC 2, PCI DSS, ITIL, and FFIEC booklets (e.g., information security, business continuity, etc.).
Experience with compliance requirements including GDPR, GLBA, and CCPA.
Knowledge of large financial services regulations (e.g., Office of the Comptroller of Currency’s Heightened Standards and Federal Reserve Board’s Large Financial Institution Rating System).
What sets you apart:
The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.
What we offer:
Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location. The salary range for this position is: $120,550 - $230,400. Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors.
Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals.
For more details on our outstanding benefits, please visit our benefits page on USAAjobs.com.
Applications for this position are accepted on an ongoing basis, this posting will remain open until the position is filled. Thus, interested candidates are encouraged to apply the same day they view this posting.
USAA is an equal opportunity and affirmative action employer and gives consideration for employment to qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, national origin, age, disability, genetic information, protected veteran status, or any other legally protected characteristic.