We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established by Chuck over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
The CTI Team is responsible for providing analysis on relevant threats to the Schwab environment in support of the overall Active Defense effort. Through the collection and analysis of threat information and historical data from various sources, the CTI team attempts to provide predictive analysis to guide overall Firm security strategy. In addition, the CTI team is key in providing additional tactical context and support to the Security Monitoring & Incident Response teams. The CTI team assists in improvement of all security functions through the creation of metrics, threat reports and briefings, threat indicators, and content for both detective and preventative controls.
What you’ll do:
The Technical Director of Cyber Threat Intelligence is primarily responsible for analyzing, and directing the analysis of, various sources of threat related data using standard toolsets and methodologies in search of patterns relating to potential threats to the Firm in support of providing risk related recommendations for action. They will provide guidance and mentoring for analysts in research and intelligence tradecraft. Technical Directors will additionally partner and consult on new security detection/prevention content and capabilities with cross functional teams to ensure all tools and capabilities are tuned to properly detect, alert and prevent.
What you have:
- 12+ years working within an information security-related discipline
- 5+ years' experience in one of the following:
- 3+ years working as a SOC/CIRT team lead.
- Network operations or engineering
- System administration on Unix, Linux, or Windows
- Offensive security (penetration testing/vulnerability scanning)
- 5+ years working as a Cyber Threat Intelligence Analyst
- Experience with a Threat Intel Platform (e.g. Anomali, Threat Quotient, ThreatConnect)
- Experience with relationship visualization software (e.g. Maltego, Palantir)
- In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners)
- Advanced understanding of network protocols and network traffic analysis. Ability to dissect packet captures and identify anomalies
- Experience developing custom IDS and Yara signatures based on the results on your analysis
- Involved with information security sharing communities, working groups, and trust groups
- History with presenting at information security conferences, local user groups, etc...
- A passion for learning and teaching. A desire to train and mentor internal resources
- The ability to analyze, track, and report on threat campaigns targeting Charles Schwab and/or the financial industry as a whole
- Extensive experience in topic research and data analytics
- Ability to perform vulnerability analysis and advise leadership and key stakeholders on the assessed risk and urgency
- Proficient in one or more scripting languages (Python preferred). Contributions to open source projects a plus
- Knowledge of User Behavior Analysis
- Knowledge of honeypots/honeynets
- Strong written and verbal communication skills required. Must have the ability to effectively communicate to both highly technical and executive audiences
- Demonstrated ability to work in a team environment, able to train and coach other team members
- Industry certifications such as GIAC (specifically GCIH, GCIA, and GREM), CISSP and OSCP preferred. Formal Cyber Threat Intelligence training such as SANS FOR578 or Treadstone 71 a plus.
- Education: Bachelor’s degree in a technical field (i.e. Computer Science, Computer Engineering, Intelligence Analysis) preferred, but not required
You demonstrate these behaviors:
Curious: Constantly learns more about our clients, competitors, industry and the broader market to drive insights and decisions
Innovative: Defines a compelling vision of the future, and develops breakthrough ideas, whether big or small, that support that visio
Overcomes Barriers: Takes responsibility for addressing obstacles that hinder our people and our business
Delivers Results: Delivers positive results regardless of circumstances, utilizing the right mix of analysis, judgment, agility and urgency
What you’ll get:
- Comprehensive Compensation and Benefits package
- Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
- Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
- Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
- Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
- Not just a job, but a career, with an opportunity to do the best work of your life
Learn more about Life@Schwab.
Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.
||English - spoken
|Current Licenses / Certifications:
|Relevant Work Experience:
||IT-Other Specialty Engineering-6+ yrs
|Position Located In:
||AZ - Phoenix
Activation Date: Thursday, October 19, 2017
Expiration Date: Saturday, December 30, 2017