Charles Schwab Technical Director - Security Incident Monitoring & Response in Phoenix, Arizona

We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.

As a company, we were established by Chuck (http://www.aboutschwab.com/about/leadership/charles_schwab) over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.

Our Opportunity:

As the Technical Director, you are expected to serve as a ‘first line of defense’ strategic technical resource and provide awareness of, and response to, internal and external threats and trends in direct partnership with the Threat Intelligence Team, and through continuous review/growth of the following knowledge: Enterprise incident management, security aspects of the financial and other applicable industries, technologies, regulations, and business practices in light of rapid technology advances and regulatory reform; industry information security frameworks, best practices, and reporting methods in response to increasing demand for transparency and accountability; and the Firm’s business strategy, information assets, changing technology, and security risks/controls. Promotes a team spirit and enthusiastic work team, dispelling negativity, maintaining ongoing open dialog, and fostering ideas and talents of others.

What you’ll do:

Play a critical role in assisting the Security Technology & Operations team in driving information security to the next level. At Schwab, this role plays an essential part in safeguarding our clients’ data, their future, and our brand by identifying highly technical risks within systems and applications. This role is responsible for:

  • Maturing and providing technical leadership for a ‘first line of defense’ security incident monitoring & response function involving highly tactical, technical, and defensive incident response processes

  • Maintain laser focus on maturing and building comprehensive, highly technical, automated/orchestrated and manual defensive practices using a variety of commercial, open source, and highly customized homegrown tooling

  • Help develop and participate in a collaborative approach to threat hunting, threat monitoring and analysis, and appropriate remediation activities in a direct ‘first line of defense’ partnership with Security Operations

  • Providing valuable intelligence via feedback loops into the Firm’s Cyber Threat Intelligence functions

  • Mature and manage a scalable and repeatable enterprise security incident response methodology

  • Identify improvements to business processes and methodologies

  • Provide technical expertise and leadership to the security professionals on your team

  • Interface with peer departments within Security Technology & Operations, as well as IS Risk Management and technical platform teams to address concerns, and provide consultation to Governance functions on risks and escalations

  • Ensure that company-wide intelligence is consistently integrated into the threat model – determine threat impacts across business and technology lines

  • Review incident reports, determine their severity, and socialize accordingly to help facilitate long-term remediation

  • Build positive, productive relationships with business and technology leadership

Other responsibilities include guiding execution of all aspects of their team's strategy, delivery of services, maintaining quality, and stakeholder satisfaction. Job duties include assisting leadership in establishing the strategic direction of work teams or service lines, providing direction on the team's design and implementation of new or enhanced processes and tools, and discovery and analysis of business or system information. Also, helps identify and evaluate security and solution implications across multiple business and technology areas.

What you have:

Minimum of 8 years of experience in one or more of the following areas is required: Information Security, Enterprise Security Monitoring & response (Blue Team), Information Technology, project management, business or security informatics, penetration testing, threat intelligence, audit & assurance, Enterprise Risk Management, Corporate Compliance, security architecture/design strategy, policy or controls development, compliance readiness assessments (i.e. PCI, SOX, GLBA, FFIEC, etc.), system analysis and implementation, or related function. Previous experience as a technical leader within an enterprise security incident response function is required.

Desired Certifications:

CISSP, CISM, GCIA, GCFA, GREM or security equivalent.

Other Qualifications:

  • Expert understanding of the security incident response process and applicable toolsets

  • Expert understanding of application/system/infrastructure security monitoring and applicable toolsets

  • Expert understanding and hands-on capabilities with Splunk

  • Thorough understanding of network protocols

  • Mastery of Mac, *nix, Windows, and mobile operating systems

  • Experience with programming/scripting languages

  • Knowledge of the current threat landscape

  • Knowledge of network based services and client/server applications

  • Knowledge of enterprise systems, network and security infrastructure

Other Required Skills:

  • Exceptional administrative, organizational and problem solving skills

  • Ability to successfully interface with leadership and engineers alike

  • Ability to document and explain technical details to technical staff and executives

  • Background in operational information security disciplines (e.g. application security assessment, penetration testing, vulnerability management, or threat research)

  • Experience in leveraging intelligence feeds and products to prioritize blue team response functions

  • Basic understanding of big data analytics

You demonstrate these behaviors:

Innovative: Defines a compelling vision of the future, and develops breakthrough ideas, whether big or small, that support that vision.

Disciplined: Highly disciplined in how resources are used; designs and champions ideas to drive efficiency.

Courageous: Displays confidence and courage in talent and business decisions, actions, and communications; does the difficult or unpopular when it’s right.

Collaborative: Capitalizes on the diverse experience and expertise of colleagues and builds commitment around vision and priorities.

What you’ll get:

  • Comprehensive Compensation and Benefits package.

  • Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts.

  • Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program.

  • Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions.

  • Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships.

  • Not just a job, but a career, with an opportunity to do the best work of your life.

Learn more about Life@Schwab at http://www.aboutschwab.com/careers/lifeatschwab/.

Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.

Position Located In: AZ - Phoenix