Investment Management Information Security Officer

Job ID: 20161205-4091
Job Category: Risk Management
Relevant Work Experience: IT-Management/Technical Project Mgmt-6+ yrs
Current Licenses / Certifications: None
Position Located In: AZ - Phoenix
Education: BA/BS
Job Type: Full Time

We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.

As a company, we were established by Chuck over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.

Our Culture:

Through Clients’ Eyes: https://www.youtube.com/watch?v=Qkic76FWat8

Our Opportunity:

We are currently offering the opportunity for a dynamic and engaging Information Security professional to join our Information Security Risk Management Team as an Investment Management Information Security Officer. In this role, you will be responsible for managing Charles Schwab Investment Management (CSIM) and smaller independent advisors’ information security programs and supporting policies and procedures. You will be the business lead for all information security needs for CSIM-related technology platforms and third-party relationships (with both affiliates and vendors).

What you’ll do:

  • Create and implement a comprehensive CSIM Information Security Program and provide oversight to the overall information security landscape for an Investment Management firm.
  • Develop an information security program plan to include key objectives, deliverables, and milestones.
  • Map program to CSIM Information Security program policy.
  • Update policy and procedures to ensure effective coverage of all Gramm-Leach-Bliley (GLBA) regulatory requirements.
  • Prepare and deliver monthly and quarterly updates and program status reporting to CSIM Committees and Boards of Directors as required.
  • Ensure technology vendors have adequate information security procedures and reporting.
  • Assess the information security risk associated with CSIM technology service providers as part of the overall risk assessment process.
  • Oversee the employee awareness and testing components of the CSIM Information Security Program.
  • Ensure oversight, from a business lead perspective, of security for CSIM vendor relationships, both affiliate and third-party.
  • Ensure appropriate security oversight and review to meet CSIM regulatory needs – including, but not limited to, compliance management, information security and business continuity.
  • Ensure vendor/affiliate compliance with CSIM security policies and procedures, state and federal regulations, and other regulatory guidelines.
  • Monitor and oversee affiliate/vendor performance against security, business continuity, and disaster recovery policies; address and resolve any escalation issues with the vendor.
  • Report to CSIM Management on vendor performance, risks and issues related to security and business continuity and disaster recovery.
  • Provide oversight of client and staff application and data access as it relates to CSIM’s information security program.
  • Oversee the risk assessment process conducted for CSIM technology services and related CSIM products and services.
  • Ensure implementation of Archer risk management system and Guardium database security system to provide oversight of CSIM information.
  • Annually assess the risk associated with CSIM technology service providers per CSIM’s vendor management policy and procedures.
  • Adjust monitoring activities based on the results of the risk assessment process.
  • Review and comment on risk assessments for new CSIM products and services.
  • Work with the parent company Information Security program, vendors, and affiliates to develop and write responses to technology security related audit and regulatory inquiries.
  • Gather necessary information for the audit/regulators.
  • Resolve any CSIM platform related audit issues across vendor/affiliate relationships.
  • Track and report on resolution of items to CSIM Management.
  • Manage CSIM responses to technology project related audit and regulatory inquiries in the areas of risk assessments and information security.
  • Gather necessary information for the audit/regulators and present information directly to CSIM regulators as requested during exams.
  • Track, oversee, and report on status of all regulatory items; ensure items are completed by the deadline and the necessary documentation is provided.
  • Ensure compliance with all CSIM security policies and procedures, as well as all applicable regulatory requirements in the context of their responsibilities.

What you have:

  • Bachelor’s degree in Computer Science or a related field plus CISSP, CISM, or equivalent certification is preferred
  • 6+ years project or program management
  • Financial Services industry experience preferred
  • Understanding of applicable regulatory requirements/laws such as PCI, FFIEC, GLBA, SOX, etc.
  • Well-rounded understanding of ISO & NIST frameworks
  • Capacity to embrace change and quickly adapt to new situations, changes in direction, and altering priorities
  • Experience gathering performance metrics to present to upper levels of management
  • Excellent interpersonal/communication, presentation, and technical writing skills
  • Track record of working with third-party and affiliate groups in a geographically distributed environment in the design and deployment of an information security program and its associated policies and procedures
  • Experience in developing a technology oversight and monitoring program for a financial institution
  • Demonstrated ability to manage multiple high-priority projects and priorities
  • Strong client focus; strong relationship building skills a must

What you’ll get:

  • Everyday Wellness: Healthy Rewards, Onsite Fitness Classes, Healthy Choices, Wellness Champions
  • Financial Fitness: 401k Match, Employee Discounts, Personalized advice, Brokerage discounts
  • Work/Life Balance: Sabbatical, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer
  • Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
  • Not just a job, but a career, with an opportunity to do the best work of your life

 


Learn more about Life@Schwab.


Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.



Brokerage Products: Not FDIC Insured • No Bank Guarantee • May Lose Value

Schwab also does not discriminate against applicants or employees because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

At Schwab, we believe that every employee, through their diverse abilities and experiences, can contribute to our growth, innovation and client loyalty. We embrace diversity and are committed to providing equal opportunity to all employees and applicants. If you have a disability, and require reasonable accommodations in the application process, call Human Resources at 800-725-3535. We will be happy to assist you. Schwab will only share your accommodation request with those individuals who have a specific need to know. The request for an accommodation will not affect Schwab’s hiring decisions. All other submissions should be performed online.

The Charles Schwab Corporation provides a full range of securities, brokerage, banking, money management, and financial advisory services through its operating subsidiaries. Its broker-dealer subsidiary, Charles Schwab & Co., Inc. (“Schwab”), Member SIPC , offers investment services and products, including Schwab brokerage accounts. Its banking subsidiary, Charles Schwab Bank (member FDIC and an Equal Housing Lender), provides deposit and lending services and products.