Charles Schwab Managing Director - Security Monitoring & Incident Response in Phoenix, Arizona

We believe that , when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.

As a company, we were established by Chuck at over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.

Our Opportunity:

Expected to serve as ‘first line of defense’ strategic resource and provide awareness of internal and external environment issues and trends in direct partnership with the Threat Intelligence Team, through continuous review/growth of the following knowledge: security aspects of the financial and other applicable industries, technologies, regulations, and business practices in light of rapid technology advances and regulatory reform; industry information security frameworks, best practices, and reporting methods in response to increasing demand for transparency and accountability; and the Firm’s business strategy, information assets, changing technology, and security risks/controls. Promotes a team spirit and enthusiastic work team, dispelling negativity, maintaining ongoing open dialog, and fostering ideas and talents of others.

Play a critical role in assisting the Security Technology & Operations team in driving information security to the next level. At Schwab, this role plays an essential part in safeguarding our clients’ data, their future, and our brand by identifying highly technical risks within systems and applications.

What you’ll do:

  • Maturing and leading a ‘first line of defense’ security incident monitoring & response function involving highly tactical, technical, and defensive incident response processes

  • Maintain laser focus on maturing and building comprehensive, highly technical, automated/orchestrated and manual defensive practices using a variety of commercial, open source, and highly customized homegrown tooling

  • Help develop and participate in a collaborative approach to threat hunting, threat monitoring and analysis, and appropriate remediation activities in a direct ‘first line of defense’ partnership with Security Operations

  • Providing valuable intelligence via feedback loops into the Firm’s Cyber Threat Intelligence functions

  • Build, maintain, and manage a large team of incident responders and security analysts

  • Mature and manage a scalable and repeatable enterprise security incident response methodology

  • Supervise staff, including providing development and coaching

  • Identify improvements to business processes and methodologies

  • Provide management and leadership to the security professionals on your team

  • Interface with peer departments within Security Technology & Operations, as well as IS Risk Management and technical platform teams to address concerns, and provide consultation to Governance functions on risks and escalations

  • Ensure that company-wide intelligence is consistently integrated into the threat model – determine threat impacts across business and technology lines

  • Review incident reports, determine their severity, and socialize accordingly to help facilitate long-term remediation

  • Build positive, productive relationships with business and technology leadership

Other responsibilities include guiding execution of all aspects of their team's strategy, delivery of services, maintaining quality, and stakeholder satisfaction. Job duties include assisting leadership in establishing the strategic direction of work teams or service lines, overseeing the team's design and implementation of new or enhanced processes and tools, and discovery and analysis of business or system information. Also, helps identify and evaluate security and solution implications across multiple business and technology areas. Supervises the daily activities of staff, including helping manage the team's work load and providing challenging and meaningful work assignments that capitalize on team member strengths.

What you have:

Minimum of 8 years of experience in one or more of the following areas is required: Information Security, Information Technology, project management, business or security informatics, penetration testing, threat intelligence, audit & assurance, Enterprise Risk Management, Corporate Compliance, security architecture/design strategy, policy or controls development, compliance readiness assessments (i.e. PCI, SOX, GLBA, FFIEC, etc.), system analysis and implementation, or related function. In addition, a minimum of 3 years of direct supervisory or management experience is required. Previous experience as a leader within an enterprise security incident response function is required.

Desired Certifications:

CISSP, GIAC, CISM, or security equivalent.

Other Qualifications:

  • Expert understanding of the security incident response process and applicable toolsets

  • Expert understanding of application/system/infrastructure security monitoring and applicable toolsets

  • Thorough understanding of network protocols

  • Mastery of Mac, *nix, Windows, and mobile operating systems

  • Experience with programming/scripting languages

  • Knowledge of the current threat landscape

  • Knowledge of network based services and client/server applications

  • Knowledge of enterprise systems, network and security infrastructure

  • Other Required Skills

  • Exceptional administrative, organizational and problem solving skills

  • Ability to successfully interface with leadership and engineers alike

  • Ability to document and explain technical details to technical staff and executives

  • Background in operational information security disciplines (e.g. application security assessment, penetration testing, vulnerability management, or threat research)

  • Experience in leveraging intelligence feeds and products to prioritize blue team response functions

  • Basic understanding of big data analytics

You demonstrate these behaviors:

Innovative: Defines a compelling vision of the future, and develops breakthrough ideas, whether big or small, that support that vision.

Disciplined: Highly disciplined in how resources are used; designs and champions ideas to drive efficiency.

Courageous: Displays confidence and courage in talent and business decisions, actions, and communications; does the difficult or unpopular when it’s right.

Collaborative: Capitalizes on the diverse experience and expertise of colleagues and builds commitment around vision and priorities.

What you’ll get:

  • Comprehensive Compensation and Benefits package.

  • Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts.

  • Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program.

  • Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions.

  • Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships.

  • Not just a job, but a career, with an opportunity to do the best work of your life.

Learn more about Life@Schwab at" .

Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.

Position Located In: AZ - Phoenix