Phoenix - AZ, PHX4701A, 4701 E Francisco Dr, 85044-5365
We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established by Chuck over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
The Schwab Cloud Risk Management Leader is responsible for the identification, evaluation, and monitoring of information security risks as a result of the utilization of cloud services at Schwab. Under limited supervision, this role will establish, maintain, and improve cloud security governance (policy, standards, process, and procedures), conduct cloud information security risk management, program planning, and execution. The Cloud Security Risk Management Leader plays a key role in defining appropriate risk management practices for cloud services, defining and deploying a cloud security framework, and managing compliance of cloud providers to established governance practices. The role will work cross functionally to develop appropriate cloud security governance capabilities, and should have excellent collaboration, influencing, and team building skills.
What you’ll do:
The Cloud Risk Management Leader will be responsible for the following duties:
- Facilitate the development of, and outline actionable execution plans to implement, Schwab’s cloud risk governance and control framework
- Develop innovative approach to risk management that effectively manages risk of cloud services for Schwab, while meeting the needs of internal customers and minimizing business impact
- Conduct ongoing activities to assure effective risk identification, assessment, evaluation, tracking and mitigation of cloud risks related to Schwab’s utilization of cloud services
- Define and develop, with cross-functional partners, appropriate governance as it pertains to information security including policies for usage, standards, vendor evaluations, and vendor due diligence of cloud service providers
- Engage with Schwab business partners to educate and evangelize Schwab’s approach to cloud security risk management.
- Establish a rhythm for the business for managing cloud risk management and mitigation in a measurable manner; identify and maintain measurements of a quality risk management activities; consult with Schwab business and technical partners on the implementation of preventative and mitigation control strategies and implement processes to monitor and report on risks
- Support the evaluation of Schwab’s information security control environment related to cloud security, including administration and technical control gap assessments, cloud security strategy, risk assessments and treatment, and cloud risk monitoring
- Define cloud based key risks, and establish standard performance and key risk reporting indicators
- Partner with other key programs to create executive level dashboard reporting interface to provide timely cloud security risk posture
Other duties include:
- Build strong relationships and partner closely with other business partners across Charles Schwab Corporation and its affiliates
- Develop internal tools to increase team efficiencies and continually mature operations
- May travel minimally as part of training and ongoing risk management capability enhancements
What you have:
- Thorough understanding of cloud information security controls and risks
- Experience in risk management in highly technical environments
- Knowledge of security technologies for cloud platforms (authentication, encryption, key management, sandboxing, VPNs, firewalls, intrusion detection/prevention)
- Ability to evaluate technical risk and business impact and explain the impact of security issues to both technical and non-technical audiences
- Superior written and verbal communication skills
- Existing information security certifications desired, such as CISSP, CCSP, CISM, CISA; or willingness to obtain certifications to support job responsibilities
- Minimum of 5+ years of applicable experience in cloud architecture, risk, compliance, information security, &/or audit
- Must be a self-starter and able to work both independently as well as part of a team
- Ability to work in a fast-paced environment. Requires excellent time management skills, ability to juggle multiple, competing priorities, with strength in identifying and implementing solutions to address the critical needs
- Work ethic based on a strong desire to exceed expectations. Experience working successfully in a very fast-paced, results-oriented environment. Hands-on.
- Expertise in retail financial services industry working with in highly regulated environment
- Project management experience, including business/process analysis, documenting gaps, and process improvement
- Excellent analytical & technical skills, able to research problems, determine root causes and solutions
- Bachelors Degree in Information Systems, Finance, Economics or Engineering preferred
- Six Sigma Greenbelt or Blackbelt certification preferred
- Masters degree in business or technology discipline preferred
What you’ll get:
- Comprehensive Compensation and Benefits package
- Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
- Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
- Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
- Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
- Not just a job, but a career, with an opportunity to do the best work of your life
Learn more about Life@Schwab.
Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.
||English - spoken
|Current Licenses / Certifications:
|Relevant Work Experience:
||Internal Audit, IT-Management/Technical Project Mgmt-2-5 yrs, Regulatory, Risk Analysis, Compliance
|Position Located In:
||TX - Austin, AZ - Phoenix, TX - Westlake
Activation Date: Friday, January 5, 2018
Expiration Date: Thursday, March 1, 2018