Audit Manager - Cybersecurity

Company: USAA
Location: San Antonio
Posted on: April 21, 2025

Job Description:

Why USAA?At USAA, our mission is to empower our members to achieve financial security through highly competitive products, exceptional service and trusted advice. We seek to be the #1 choice for the military community and their families.Embrace a fulfilling career at USAA, where our core values - honesty, integrity, loyalty and service - define how we treat each other and our members. Be part of what truly makes us special and impactful.The OpportunityAs a dedicated Audit Manager you'll lead and execute complex technology and information/cyber security (IT/IS) audit engagements throughout the audit lifecycle, to include understanding of horizontal and vertical business impacts, integrating audits with IT, analytics, and projects and reviewing work papers. Create and independently perform complex work assignments and problem resolution in support of risk-based assurance and advisory IT/IS engagements. This role leverages results from engagements and continuous monitoring activities to assist Audit Leadership in updating risk assessments.Adheres to the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing (Standards) and Code of Ethics.We offer a flexible work environment that requires an individual to be in the office 4 days per week. This position can be based in one of the following locations: San Antonio, TX; Plano, TX or Charlotte, NC. Relocation assistance is not available for this position.What you'll do:

• Primarily serves as Auditor-in-Charge (AIC) and main point of contact for the business through IT/IS Audit engagements. -
• Leads and executes complex IT/IS audit engagements throughout the audit lifecycle and leads continuous monitoring and advisory activities, special reviews, and investigations.
• Manages day to day engagement-related efforts and assignments of Audit team members with varying degrees of expertise and experience when conducting engagements as the Auditor-in-Charge (AIC).
• Develops and independently updates IT/IS risk and control matrix at the engagement level for each engagement.
• Performs detailed review of work by team members; providing feedback/questions and completes audit team end of engagement evaluations when applicable.
• Ensures engagements are completed objectively, professionally, and in accordance with corporate and industry audit standards. Makes recommendations for severity ratings to Senior IT Audit Manager and Director.
• Identifies control weaknesses and opportunities for improvement in the current operating environment and provides recommendations for corrective action; drafts the related audit issues and audit reports for issuance to respective client leadership.
• Communicates effectively with the business/clients and delivers risk-based and difficult messages regarding issues and control weaknesses to ensure proper risk assurance coverage.
• Provides day to day coaching guidance and on the job training to team members to ensure development, quality, and timely audit engagement deliverables.What you have:
  • Bachelor's degree; four additional years of related experience beyond minimum required may be substituted in lieu of a degree.
  • 6 years of audit or controls experience in a financial services or technology/information security environment.
  • 2 years audit experience in the technology and/or information security (IT/IS) areas.
  • Experience performing internal audits, external audits, or applying audit, risk, or compliance acumen in a complex operational and regulatory environment.
  • Working knowledge of IT/IS controls in areas to include Technology infrastructure management and platforms (e.g., mainframe, midrange, distributed), Network architecture and security (e.g., network segmentation, firewalls, proxies, encryption protocols, endpoint protection).
  • Knowledge of internal audit principles to examine, analyze, assess, and draw conclusions from audit work and present findings to multiple audiences.
  • Demonstrated experience effectively communicating and challenging IT/IS Controls with business partners and leaders.
  • Understanding of IT/IS risks and internal controls and the ability to evaluate and determine adequacy and efficiency of controls.
  • Experience mentoring and providing feedback to team members.
  • Demonstrated experience in highly dynamic environment and ability to deal with competing priorities.
  • Knowledge of specific industry frameworks and standards to include COBIT, NIST 800-53, NIST CSF, CRI Profile, OWASP, STIGs, CIS Benchmarks, ISO 27001/2, SOC 2, PCI DSS, ITIL, and FFIEC booklets (e.g., information security, business continuity, etc.).
  • Experience with compliance requirements including GDPR, GLBA, and CCPA.
  • Knowledge of large financial services regulations (e.g., Office of the Comptroller of Currency's Heightened Standards and Federal Reserve Board's Large Financial Institution Rating System).What sets you apart:
    • Internal audit experience within the financial services industry
    • Information and Cybersecurity (e.g., cyber threat detection and response, threat intelligence, Red Team exercises, insider threat, logging and monitoring, security information and event management (SIEM), secure baseline configuration management and drift monitoring, vulnerability and patch management, device/endpoint security, antivirus, and third-party security)
    • Certified Information System Auditor (CISA) or other relevant IT certificationCompensation: The salary range for this position is: $114,080 - $218,030Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location. -Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors.The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job. -Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. -For more details on our outstanding benefits, visit our benefits page on USAAjobs.com.Applications for this position are accepted on an ongoing basis, this posting will remain open until the position is filled. Thus, interested candidates are encouraged to apply the same day they view this posting. -USAA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Keywords: USAA, Pflugerville , Audit Manager - Cybersecurity, Executive , San Antonio, Texas