Charles Schwab Managing Director - Cyber Resiliency in Lone Tree, Colorado


Lone Tree - CO, DENR2, 9800 Schwab Way, 80124

Cameron Ellsworth


We believe that , when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.

As a company, we were established by Chuck at over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.

Our Opportunity:

The role is in the second line of the three lines of defense model and is required to strengthen the second line Information Security Risk Management program. Oversight of this key operational risk will be delivered by independently reviewing, challenging, and reporting on Schwab’s management of these risks.

What you’ll do:

The Managing Director of the Cyber Resilience team will lead the execution of a fully independent program, which will include but are not limited to oversight of the following components:

  • Familiarity of relevant information security standards and frameworks (i.e., NIST CSF, CERT-RMM, SP 800-160, MITRE ATT&CK Framework, and other relevant guidance

  • Build out of the firm’s Cyber Resilience Program

  • Oversee teams of both internal and external penetration testers

  • Performance of risk assessments

  • Vulnerability management oversight and validation

  • Management of security related events of information systems

  • Perform ongoing assessment of Information Security Risk Policy, Enterprise Operating Guideline and supporting Directives

  • Collaborate with the first line of defense (1LOD) to establish and renew KRIs

  • Challenge and report on significant and material information security incidents and Operational Risk Events (OREs)

  • Recommend new first line processes for oversight

  • Maintain real-time dashboard of Information Security Risk profiles across Schwab’s Business Groups

  • Conduct annual NIST Cyber Security Framework challenge and report on significant and material observations and gaps

  • Stay current with industry best practices and trends

  • Establish influential relationships with key stakeholders. Influence innovative solutions in response to constraints and conduct challenges in a professional manner

  • Apply creative problem solving skills to broadly defined and occasionally nebulous problems

  • Aggregate and author information security risk information for quarterly reporting and provide challenge as appropriate for the Operational Risk & Compliance Committee (ORCC) and Risk & Conduct Review Committee (RCRC)

What you have:

  • Bachelor's Degree; advanced degree preferred

  • Relevant professional certification required

  • Five or more years of penetration testing program management experience

  • Five or more years of software development experience across web, mobile, and API preferred

  • Hands-on experience with security testing of web apps, mobile apps, and APIs

  • Hands-on experience identifying and exploiting flaws in business logic and functionality

  • Expert knowledge of penetration testing tools

  • Expert knowledge in OWASP Top 10 and testing methodologies

  • Knowledge of and experience in ensuring penetration testing program compliance to industry standards

  • Knowledge of offensive security techniques including reverse engineering, digital forgery, encryption attacks, debugging, defeating anti-debugging, man in the middle attacks, logic flaws, and hardware and software exploits preferred

  • Strategy development and strong technical leadership experience

  • Track record of innovation, results, and ability to collaborate and affect change across functions

  • Demonstrated management and leadership experience with teams of 10 people or more

  • Proven ability to coordinate with geographically disbursed teams to drive results

  • Ability to communicate complex technical topics and facilitate discussions with business and technology leaders and peers

  • Ability to design, implement, and operate processes and methodologies in a manner that effectively supports business and information security objectives

  • Strong written and verbal communication, interpersonal, presentation, and negotiation skills

  • Demonstrated collaboration skills along with the ability to influence without authority

What you’ll get:

  • Comprehensive Compensation and Benefits package

  • Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts

  • Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program

  • Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions

  • Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships

  • Not just a job, but a career, with an opportunity to do the best work of your life

Learn more about Life@Schwab at" .

Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law. Schwab also does not discriminate against applicants or employees because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. At Schwab, we believe that every employee, through their diverse abilities and experiences, can contribute to our growth, innovation and client loyalty. We embrace diversity and are committed to providing equal opportunity to all employees and applicants. If you have a disability, and require reasonable accommodations in the application process, call Human Resources at 800-725-3535. We will be happy to assist you. Schwab will only share your accommodation request with those individuals who have a specific need to know. The request for an accommodation will not affect Schwab's hiring decisions. All other submissions should be performed online.

Job Specifications

Relocation Offered?: No

Work Schedule: Days

Languages: English - spoken

Current Licenses / Certifications: None

Relevant Work Experience: IT-Other Specialty Engineering-2-5 yrs, IT-Distributed and Web Development-less than 2yrs, IT-Mainframe (Systems Prog/App Dev)-2-5 yrs, IT-Management/Technical Project Mgmt-2-5 yrs, Risk Analysis

Position Located In: CO - Lone Tree

Education: BA/BS

Job Type: Full Time

Category:Risk Management

Activation Date: Tuesday, January 8, 2019

Expiration Date: Friday, February 1, 2019

Apply Here