Job Description

Your Opportunity
In Corporate Risk Management (CRM), our mission is to execute an independent and coordinated risk management program that supports delivery of predictable long-term financial and operational performance in order to produce successful client and shareholder outcomes. In CRMs Technology Risk Management (TRM), we support CRMs mission by managing information and technology risks to protect client assets, client information and firm assets.

Principal Security Development & Engineering, Cyber Resilience Oversight (CRO) role reports into the Managing Director of CRO, part of the Threat & Vulnerability Risk Management (TVRM) team. As a 2nd line of defense (2LOD) function, this individual contributor role is responsible for collaborating with the broader TRM team as well as 1st line of defense (1LOD) partners to establish, maintain, report on, and continuously mature the Firms cyber resilience posture.

What you are good at

* Lead all aspects of the Cyber Resilience Workshop program, including workshop development, enterprise partnership and coordination, creation of threat models, traceability matrices, and workshop execution and delivery to the business
* Write clear and concise formal reports for both technical and executive level audiences
* Provide thought leadership around cyber resilience, across all areas of Schwab's technology stack
* Provide an independent voice and effective challenge responsive to identified resilience risk, and the risk treatment of said findings
* Participate in strategic and tactical planning
* Champion the inclusion of resilience controls within Schwab's Risk and Control Self-Assessment (RCSA) program by: ensuring technology owners are accurately assessing cyber resilience risk in their environments, identifying breaks in the efficiency of their CR controls, and mitigating discovered gaps
* Partner with other risk oversight functions, technology owners, and 1st line risk managers to drive measurable and sustainable improvements within the control environment
* Prepare regularly-scheduled and ad-hoc reports for management and risk committees regarding status of risk treatment activities
* Contribute in the development of policies, standards, and methodologies for implementation of resilience program elements
* Develop security and risk metrics and report against key security performance indicators

What you have

* 10+ years cyber security experience in a large enterprise environment, within the following areas: Security Architecture, Information Security, IT Risk/Control, Penetration Testing, Cybersecurity Engineering
* Experience building and delivering secure design reviews (threat modeling), traceability matrices, and influencing senior leadership to dedicate resources toward resolution of findings
* Familiarity with system and application vulnerabilities e.g. OWASP, NIST, SANS
* Ability to stay up-to-date of the latest threats, attack techniques, and mitigation strategies.
* Experience planning, coordinating, and executing on large enterprise-level and/or industry-level resilience exercises
* Familiarity with control frameworks, industry standards, and regulatory guidance, including: NIST SP 800-160 vol 2, ISO 27001, FFIEC, ITIL v4, FSSCC Cybersecurity Profile, etc.
* Understanding of the Three Lines of Defense governance model
* Understanding of benefits gained and challenges posed by public cloud infrastructure as it relates to a resilience posture
* Ability to assess and effectively communicate the operational, technical, and financial impact of findings and control issues to executive and business leadership, using language that is relevant to and understandable by the business

Why Schwab?

At Schwab, Own Your Tomorrow embodies everything we do! We are committed to helping our employees unleash their potential and achieve their dreams. Our employees get to play a central role in disrupting a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth. Were a modern financial services firm that stands apart from the industry, where you can go as far as your ambition takes you.

Hear from employees: Whats it like to work at Schwab! (https://www.youtube.com/playlist?list=PLctx2TLOKMwZnPckh7rG7OgcEzFCGeDob)

The benefits of working at Schwab (https://content.schwab.com/web/retail/public/about-schwab/charles_schwab_recruitment_guide_2019.pdf): a package designed to empower your health, wealth, career and life.

Schwab is committed to building a diverse and inclusive workplace where everyone feels valued.

As an equal employment opportunity employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. (Please click here to see policy.) (https://www.aboutschwab.com/EEO)

Schwab is also an affirmative action employer, focused on advancing women, minorities, veterans, and individuals with disabilities in the workplace.

We believe diversity and inclusion are part of our success as a company and our purpose of serving every client with passion and integrity.









Sorry the function is not working properly at this moment. Please refresh the page and try again later.

on your newsfeed



Why Schwab?

At Schwab, Own Your Tomorrow embodies everything we do! We are committed to helping our employees unleash their potential and achieve their dreams. Our employees get to play a central role in disrupting a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth. Were a modern financial services firm that stands apart from the industry, where you can go as far as your ambition takes you.

Hear from employees: Whats it like to work at Schwab!

The benefits of working at Schwab: a package designed to empower your health, wealth, career and life.
Schwab is committed to building a diverse and inclusive workplace where everyone feels valued.

The posted salary range describes the minimum to maximum range for this job description in the state of Colorado. The salary range is posted in accordance with the Colorado Equal Pay for Equal Work Act. The salary range for this same position may be lower or higher in markets outside of Colorado.

As an equal employment opportunity employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. (Please click here to see policy.)

Schwab is also an affirmative action employer, focused on advancing women, minorities, veterans, and individuals with disabilities in the workplace.
We believe diversity and inclusion are part of our success as a company and our purpose of serving every client with passion and integrity.

Application FAQs

Software Powered by iCIMS
www.icims.com