Austin - TX, AUSTINB, 12401 Research Blvd, 78759
We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established by Chuck over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
We are currently offering the opportunity for a dynamic and engaging Information Security Leader to join our Information Security Risk Management Team as the Senior Analyst, Insider Threat. For the past two years, the Cyber Security program’s primary focus has been on defending against external threats. In this role you will develop policies and standards in support of creating an Insider Threat program and create practical use cases for monitoring of internal threats from a second line of defense perspective. Insider threat is critical to Schwab's success as regulators continue to sharpen their focus on this area.
You will also be responsible for leading the efforts to create and manage Charles Schwab’s overarching Insider Threat strategies and policies. You will work with Charles Schwab leadership, businesses, subsidiaries, teams, and partners to determine an Insider Threat strategy to effectively safeguard Charles Schwab’s information assets; particularly our clients' information, and to maintain a culture of security through its Insider Threat program.
What you’ll do:
- Define business, technical, and operational requirements and objectives for an Insider Threat program framework
- Create and implement a comprehensive holistic Insider Threat Strategy in a heterogeneous and decentralized computing environment with a variety of users including employees, business partners, and customers utilizing many different types of end devices. Key areas of focus involve ensuring appropriate insider threat oversight, implementation and review. Other areas of focus will include reviewing policy documents and identifying any possible security gaps with the proposed Insider Threat strategy.
- Define and work with applicable groups to enforce limits over access
- Detection of unauthorized activity
- Deterrence, education and awareness
- Mitigation of unauthorized activity
- Response to unauthorized activity
- Ensure Insider Threat strategy reflects business and regulatory drivers without affecting operational efficiency
- Update existing policies to reflect strategy
- Work closely with internal audit and regulatory bodies (GLBA, FFIEC, etc)
- Manage responses to Insider Threat related audit and regulatory inquiries
- Manage responses to Insider Threat related inquiries from Charles Schwab leadership, businesses, subsidiaries, teams, and partners
- Additional projects and tasks may be included based on business needs and the regulatory environment.
What you have:
- At least 8 years of experience as an Information Security practitioner, with increasing leadership responsibility for both people and projects
- Substantial hands-on experience managing an Insider Threat program
- Experience working with ISO framework
- Understanding of applicable regulatory requirements/laws such as PCI, FFIEC, GLBA, SOX, etc.
- Ability to effectively communicate with technical and executive audiences, both oral and written is required
- Experience interfacing with auditors in support of audits and external regulatory exam processes is required
- Experience in gathering requirements, documenting and assessing information for implementing information security controls is required
- Strong interpersonal, analytical, problem-solving, influencing, prioritization, decision-making and conflict resolution skills
- Strong initiative; self-starter; self-directed; ability to multi-task
- Experience in project planning, meeting facilitation for multiple groups and projects is preferred
- Bachelor’s degree in Computer Science or a related field, and ITPM, CISSP, CISM, or equivalent certification is preferred
What you’ll get:
- Comprehensive Compensation and Benefits package
- Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
- Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
- Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
- Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
- Not just a job, but a career, with an opportunity to do the best work of your life
Learn more about Life@Schwab.
Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.
||English - spoken
|Current Licenses / Certifications:
|Relevant Work Experience:
||No Work Experience
|Position Located In:
||TX - Austin
Activation Date: Wednesday, June 7, 2017
Expiration Date: Saturday, July 22, 2017