Westlake - TX, TX2050R, 2050 Roanoke Road, 76262-9616
We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established by Chuck over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
Through Clients’ Eyes: https://www.youtube.com/watch?v=Qkic76FWat8
In Corporate Risk Management, we provide an integrated risk management strategy that supports the delivery of predictable financial and operational performance in order to produce successful client and shareholder outcomes. We are organized around six primary functions: Bank Risk, Enterprise Risk, Information Security Risk, Market and Investment Risk, Model Risk and Operational Risk. Within each of these areas, we develop a framework for how much risk we are willing to accept as a firm and establish processes for identifying, evaluating, measuring, monitoring and reporting against that framework. In Information Security Risk Management (ISRM), we apply this framework to the use of information and technology by setting and monitoring the implementation of risk-based policies and enhancing the firm’s controls and security countermeasures. Within ISRM, our Strategy team defines the policies, processes, and procedures to govern our Information Security (IS) function; conducts our annual Risk Assessment (RA) and ensures compliance with Policy across the organization.
What you’ll do:
- Test IT controls on a periodic, scheduled basis, across the firm related to Information Security compliance to determine operating effectiveness and appropriateness of control design / alignment with regulatory requirements
- Facilitate planning and preparation of validation kick-off meetings, request/gather testing evidence, assist in performing walkthroughs, document testing work papers, draft reports and present findings and recommendations to third-party management function stakeholders
- Enter compliance testing results and associated findings into Archer (eGRC tool)
- Write testing procedures for the defined control framework for compliance control testing
- Develop compliance testing methodology and process documentation
- Ensure testing framework, practice and methodology are aligned with accepted standards of practice such as AICPA, IAA or ISACA
- Gather relevant information related to the operational status of security controls through various methods including interviewing staff members, and gathering of evidence of compliance controls in place
- Analyze resulting data of compliance testing; Perform QA (Quality Assurance) on peers’ testing and reporting
- Monitor, update and provide consultation on information security risk findings, exceptions and risk acceptances for all information security technology assets
- Recommend control design changes or improvements when needed
- Work with stakeholders across the organization during control testing, remediation efforts or during audits
- Partner with a variety of Technology organization teams, as well as risk-mitigation groups such as Corporate Security, Global Security Organization, the Online Security Team, and Security Technology and Operations
- Enhance the future iterations of compliance controls testing by facilitating the implementation of continuous testing and/or continuous monitoring through compliance testing automation and workflow automation in Archer (eGRC tool) and other tools
- Additional projects and tasks related to Information Security based on business needs and the regulatory environment
What you have:
- At least three years of experience working closely with Information Technology teams and processes is preferred.
- At least five years of experience as an IT Risk or IT Audit professional and a BA/BS degree.
- A depth of knowledge of IT and IS Risk frameworks and methodologies such as COBIT, ISO 27005, ISO 27001/27002, and/or NIST 800-53.
- Experience with compliance testing and information technology audits.
- Prior implementation of IT best practices for key areas such as network controls, including IS concepts in all phases of the software development life cycle, logical access controls and change management.
- Familiarity with ITGC (IT General Control) auditing and risk assessments preferred.
- Exposure to GRC technologies including Archer and OpenPages.
- Prior experience interacting with regulators to evaluate audit reports, network penetration test results, application security assessments and regulatory exams to determine remediation priorities.
- Certificates similar to or including: CISA, CRISC, CISM, CISSP preferred.
- Proficiency in Excel is required.
- Experience performing data analytics and associated reporting preferred.
What you’ll get:
- Comprehensive Compensation and Benefits package
- Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
- Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
- Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
- Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
- Not just a job, but a career, with an opportunity to do the best work of your life
Learn more about Life@Schwab.
Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.
||English - spoken
|Current Licenses / Certifications:
|Relevant Work Experience:
||Accounting and Finance-2-5 yrs, Internal Audit, Accounting and Finance-6+ yrs, Risk Analysis, Compliance
|Position Located In:
||TX - Austin, AZ - Phoenix, TX - Westlake
Activation Date: Friday, September 8, 2017
Expiration Date: Monday, October 16, 2017