Information Security Specialist ensuring optimal protection of data and systems at University of Toronto. Implementing security platforms and best practices for data integrity and threat mitigation.
US
Hybrid Senior Information Security & Privacy Advisor – Risk & Controls
Posted 2 months ago
About the role
- Senior Information Security & Privacy Advisor at USAA providing expertise in managing Information Security risks and controls. Responsible for fostering a proactive risk management culture while collaborating with engineering and product teams.
Responsibilities
- Provide critical support and hands-on expertise in managing Information Security and Privacy risks and controls across various technology initiatives
- Identify and assess risks, drive remediation efforts for audit and exam findings, manage security-related issues, and conduct rigorous control testing and validation
- Partner closely with engineering, product, and other business units to ensure robust security controls are implemented and maintained
- Foster a proactive risk management culture
- Responsible for supporting business leader adherence to the established risk framework and ongoing supervision of business controls
- Perform ongoing supervision and oversight of business controls and share knowledge with team members to evaluate their effectiveness
- Responsible for risk data analysis, report preparation, and trend analysis
- Anticipate business needs and proactively identify opportunities to improve and strengthen the control environment
Requirements
- Bachelor’s degree; OR 4 years of related experience may be substituted in lieu of degree
- 6 years of experience supporting risk-related, compliance-related, or business control design activities; OR 6 years of experience in a relevant quantitative discipline; OR Advanced degree or designation in a risk management or quantitative discipline, and 4 years of experience supporting risk-related, and/or compliance-related, or business control design activities; OR PhD in a risk management or quantitative discipline, and 2 years of experience supporting risk-related, and/or compliance-related, or business control design activities
- Deep technical understanding of Cybersecurity principles, common vulnerabilities, and security control mechanisms across various domains (e.g., network security, endpoint security, cloud security, application security)
- Certifications such as CISSP, CISM, CRISC, CIPP, or GIAC certifications are highly desirable
- Familiarity with security frameworks (e.g., NIST Cybersecurity Framework, ISO 27001) and their application in control design and assessment.
- Demonstrated ability to manage complex issues and drive them to resolution in dynamic and uncertain environments
- Excellent communication and interpersonal skills, with the ability to influence and collaborate effectively with technical and non-technical stakeholders.
Benefits
- comprehensive medical, dental and vision plans
- 401(k)
- pension
- life insurance
- parental benefits
- adoption assistance
- paid time off program with paid holidays plus 16 paid volunteer hours
- various wellness programs
- career path planning and continuing education
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Loss Prevention Agent responsible for security and loss prevention in logistics facilities. Ensuring safety and protection of property, clients, employees, and guests within the workspace.
Analyst Relations Manager shaping market understanding of Upwind's innovative cloud and AI security platform. Leading relationships with industry analysts to enhance visibility, credibility, and category leadership.
Sr Network Security Engineer designing security architectures and leading security initiatives for RBC. Collaborating across teams to deliver multi - layered security solutions and mentoring team members in engineering best practices.
Senior Threat Modeller enhancing cybersecurity threat modeling for RBC. Collaborating with diverse teams to improve and implement secure by design principles across the enterprise.
Senior Security Engineer supporting security engineering and SIEM administration at Ardent. Focused on improving threat detection and response within vSOC environments in Washington, D.C.
SY
Mainframe Support Engineer ensuring stability and performance of enterprise mainframe systems. Troubleshooting complex issues and collaborating with development, operations, and security teams for optimal system management.
IAM / IGA Security Engineer designing and implementing identity governance solutions. Collaborating with Security, IT, HR, and business stakeholders to ensure secure access governance.
Senior Consultant helping the Ministry of Defence with large - scale ICT projects and innovations in technology and security. Lead developments in networks and applications in cooperation with Defence Architects.
Software Security Engineer at Spectro Cloud focusing on securing Kubernetes - based platforms for AI infrastructure. Responsible for implementing security controls and managing incident responses across the platform.