Austin - TX, AUS1, 2309 Gracy Farms Lane, 78758
We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established by Chuck over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
In Corporate Risk Management, we provide an integrated risk management strategy that supports the delivery of predictable financial and operational performance in order to produce successful client and shareholder outcomes. We are organized around six primary functions: Bank Risk, Enterprise Risk, Information Security Risk, Market and Investment Risk, Model Risk and Operational Risk. Within each of these areas, we develop a framework for how much risk we are willing to accept as a firm and establish processes for identifying, evaluating, measuring, monitoring and reporting against that framework. In Information Security Risk Management (ISRM), we support that framework with respect to the use of information and technology by setting and monitoring the implementation of risk-based policies and enhancing the firm’s controls and security countermeasures. Within ISRM, we conduct our annual Risk Assessment (RA) and ensure compliance with Policy across the organization.
What you’ll do:
- Conduct Information Security Risk Assessments on applications, databases and supporting infrastructure components
- Enter assessment reports into Archer (eGRC tool)
- Analyze the impacts of identified issues using a common risk rating methodology
- Analyze resulting data to identify key trends, root causes and assist in the creation of annual Risk Assessment reports
- Monitor, update and provide consultation on information security issues for information security technology assets
- Track and follow up as needed to ensure timely approval of exceptions and risk acceptances and issue remediation
- Partner with a variety of Technology organization teams, as well as risk-mitigation groups such as Corporate Security, Global Security Organization, the Online Security Team, and Security Technology and Operations
- Support additional projects and tasks related to Information Security based on business needs and the regulatory environment
- Be an advocate for security initiatives with fellow employees, vendors, clients and management
- Develop a familiarity with new tools and best practices
What you have:
- BA/BS degree or equivalent work experience
- At least 5 years of experience as an Information Security practitioner
- In-depth knowledge of IS Risk Assessment methodologies such as ISO 27005, DREAD or FAIR, and IS control frameworks such as ISO 27001/27002, PCI DSS, and/or NIST 800-53
- Prior implementation of information security controls to include: network, server, desktop and cloud as well as secure software development life cycle, logical access and data protection
- Broader understanding of Information Security and GRC tools like Archer & Open Pages
- Knowledge of content sharing tools including SharePoint
- Prior experience interacting with regulators, evaluating audit reports, network penetration test results, application security assessments and regulatory exams to determine remediation priorities
- CISSP, CISA, CISM, SANS GIAC or equivalent certifications are preferred
What you’ll get:
- Comprehensive Compensation and Benefits package
- Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
- Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
- Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
- Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
- Not just a job, but a career, with an opportunity to do the best work of your life
Learn more about Life@Schwab.
Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law. Schwab also does not discriminate against applicants or employees because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. At Schwab, we believe that every employee, through their diverse abilities and experiences, can contribute to our growth, innovation and client loyalty. We embrace diversity and are committed to providing equal opportunity to all employees and applicants. If you have a disability, and require reasonable accommodations in the application process, call Human Resources at 800-725-3535. We will be happy to assist you. Schwab will only share your accommodation request with those individuals who have a specific need to know. The request for an accommodation will not affect Schwab's hiring decisions. All other submissions should be performed online.
English - spoken
Current Licenses / Certifications: Certified Information Systems Auditor - CISA, Certified Internal Auditor - CIA, Certified Information Systems Security Professional - CISSP
Relevant Work Experience:
Position Located In: TX - Austin
Activation Date: Friday, December 15, 2017
Expiration Date: Thursday, March 1, 2018