At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
The Schwab Cybersecurity Services (SCS) organization is a centralized 1st Line of Defense Center of Excellence (COE) that provides security services to advance Schwab’s security posture and enhance the protection of Schwab’s critical assets. Enterprise Vulnerability Management (EVM) is responsible for Secure Configuration Management – and we are looking for an Analyst to support the development, maintenance and monitoring of secure baselines across the firm’s infrastructure.
The Opportunity
In this individual contributor role, you’ll play a critical role in the day-to-day execution of our secure configuration program. You’ll assist in translating hardening standards into actionable baselines, help validate implementation and contribute to drift monitoring efforts. This is an ideal opportunity for someone with a strong IT foundation who’s eager to deepen their security skillset in a hands-on enterprise scale environment.
What you’ll do:
Support the creation and maintenance of secure configuration baselines aligned to CIS, NIST, or vendor hardening guidance Assist in tracking baseline coverage, implementation status, and remediation efforts across platforms Review configuration data and monitoring output to identify drift or gaps in enforcement Collaborate with engineers to test and validate automation logic (e.g., Ansible playbooks) Help document deviations, exceptions and team runbooks Maintain Jira workflows and contribute to process improvement efforts across the baseline lifecycle Advocate for scalable security: reduce noise, improve coverage, and automate sanity checks What you haveRequired Qualifications:
2-4 years of experience in IT, cybersecurity, or systems administration with exposure to enterprise environments Understanding of secure configuration principles for systems such as Windows, Linux, cloud platforms or networking devices Familiarity with scripting languages or configuration tools Ability to interpret security benchmarks and translate technical guidance into actionable requirements Attention to detail and a strong sense of accountability Familiarity with CIS Benchmarks, NIST, DISA STIGS, or vendor-specific hardening guidelines Experience reviewing scan data from tools like Qualys, CrowdStrike, or similar platforms Hands on experience administering one or more technology platforms is a plus Bachelor's Degree in Computer Science, Engineering, or a related fieldIn addition to the salary range, this role is also eligible for bonus or incentive opportunities.
What’s in it for you
At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
401(k) with company match and Employee stock purchase planPaid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positionsPaid parental leave and family building benefitsTuition reimbursementHealth, dental, and vision insurance Apply Save job