Charles Schwab Technical Director - Security Incident Monitoring & Response in Phoenix, Arizona
We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established by Chuck at http://www.aboutschwab.com/about/leadership/charles_schwab over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
As the Technical Director, you are expected to serve as a ‘first line of defense’ strategic technical resource and provide awareness of, and response to, internal and external threats and trends in direct partnership with the Threat Intelligence Team, and through continuous review/growth of the following knowledge: Enterprise incident management, security aspects of the financial and other applicable industries, technologies, regulations, and business practices in light of rapid technology advances and regulatory reform; industry information security frameworks, best practices, and reporting methods in response to increasing demand for transparency and accountability; and the Firm’s business strategy, information assets, changing technology, and security risks/controls. Promotes a team spirit and enthusiastic work team, dispelling negativity, maintaining ongoing open dialog, and fostering ideas and talents of others.
What you’ll do:
Play a critical role in assisting the Security Technology & Operations team in driving information security to the next level. At Schwab, this role plays an essential part in safeguarding our clients’ data, their future, and our brand by identifying highly technical risks within systems and applications. This role is responsible for:
Maturing and providing technical leadership for a ‘first line of defense’ security incident monitoring & response function involving highly tactical, technical, and defensive incident response processes
Maintain laser focus on maturing and building comprehensive, highly technical, automated/orchestrated and manual defensive practices using a variety of commercial, open source, and highly customized homegrown tooling
Help develop and participate in a collaborative approach to threat hunting, threat monitoring and analysis, and appropriate remediation activities in a direct ‘first line of defense’ partnership with Security Operations
Providing valuable intelligence via feedback loops into the Firm’s Cyber Threat Intelligence functions
Mature and manage a scalable and repeatable enterprise security incident response methodology
Identify improvements to business processes and methodologies
Provide technical expertise and leadership to the security professionals on your team
Interface with peer departments within Security Technology & Operations, as well as IS Risk Management and technical platform teams to address concerns, and provide consultation to Governance functions on risks and escalations
Ensure that company-wide intelligence is consistently integrated into the threat model – determine threat impacts across business and technology lines
Review incident reports, determine their severity, and socialize accordingly to help facilitate long-term remediation
Build positive, productive relationships with business and technology leadership
Other responsibilities include guiding execution of all aspects of their team's strategy, delivery of services, maintaining quality, and stakeholder satisfaction. Job duties include assisting leadership in establishing the strategic direction of work teams or service lines, providing direction on the team's design and implementation of new or enhanced processes and tools, and discovery and analysis of business or system information. Also, helps identify and evaluate security and solution implications across multiple business and technology areas.
What you have:
Minimum of 8 years of experience in one or more of the following areas is required: Information Security, Enterprise Security Monitoring & response (Blue Team), Information Technology, project management, business or security informatics, penetration testing, threat intelligence, audit & assurance, Enterprise Risk Management, Corporate Compliance, security architecture/design strategy, policy or controls development, compliance readiness assessments (i.e. PCI, SOX, GLBA, FFIEC, etc.), system analysis and implementation, or related function. Previous experience as a technical leader within an enterprise security incident response function is required.
CISSP, CISM, GCIA, GCFA, GREM or security equivalent.
Expert understanding of the security incident response process and applicable toolsets
Expert understanding of application/system/infrastructure security monitoring and applicable toolsets
Expert understanding of and hands-on capabilities with Splunk
Thorough understanding of network protocols
Mastery of Mac, *nix, Windows, and mobile operating systems
Experience with programming/scripting languages
Knowledge of the current threat landscape
Knowledge of network based services and client/server applications
Knowledge of enterprise systems, network and security infrastructure
Other Required Skills
Exceptional administrative, organizational and problem solving skills
Ability to successfully interface with leadership and engineers alike
Ability to document and explain technical details to technical staff and executives
Background in operational information security disciplines (e.g. application security assessment, penetration testing, vulnerability management, or threat research)
Experience in leveraging intelligence feeds and products to prioritize blue team response functions
Basic understanding of big data analytics
You demonstrate these behaviors:
Innovative: Defines a compelling vision of the future, and develops breakthrough ideas, whether big or small, that support that vision.
Disciplined: Highly disciplined in how resources are used; designs and champions ideas to drive efficiency.
Courageous: Displays confidence and courage in talent and business decisions, actions, and communications; does the difficult or unpopular when it’s right.
Collaborative: Capitalizes on the diverse experience and expertise of colleagues and builds commitment around vision and priorities.
What you’ll get:
Comprehensive Compensation and Benefits package.
Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts.
Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program.
Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions.
Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships.
Not just a job, but a career, with an opportunity to do the best work of your life.
Learn more about Life@Schwab at http://www.aboutschwab.com/careers/lifeatschwab/.
Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.
Position Located In: AZ - Phoenix