At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
The Schwab Cybersecurity Services (SCS) organization is a centralized 1st Line of Defense Center of Excellence (COE) that provides security services to advance Schwab’s security posture and enhance the protection of Schwab’s critical assets. Enterprise Vulnerability Management (EVM) is responsible for Secure Configuration Management – and we need a skilled and experienced Senior Manager to lead the team hardening guidance into practical and scalable enforcement.
The Enterprise Vulnerability Management (EVM) team is expanding our secure configuration management program. We’re looking for a technically strong, solutions-oriented Senior Manager to lead the strategy and execution for translating hardening guidance into real-world enforcement across the firm’s core infrastructure.
You’ll be instrumental in bringing our secure baselines to life – leading automation efforts, enhancing monitoring, and partnering with teams to drive measurable risk reduction. If you’re passionate about making secure defaults the norm, we’d love to chat.
What you’ll do:
Lead team of engineers continuously evaluating industry leading practices for secure configuration management, and enforcing hardening across the firm’s core infrastructure Establish strategy and lead-by-example with translation of secure configuration baselines into code using automation tools (e.g., Ansible, Terraform) Collaborate with infrastructure and security teams to drive consistent baseline implementation and monitoring Enhance drift detection and alerting capabilities across platforms Develop scalable enforcement approaches, including self-healing and remediation logic Serve as a technical advisor on automation strategies related to baseline compliance Consult on automated approaches to enforce configurations and enable self-healing capabilities using automation platforms Advocate for scalable security: reduce noise, improve coverage, and automate sanity checks What you haveRequired Qualifications:
3+ years of people leadership experience, with track record of developing and retaining top talent 5+ years of experience with secure configuration management, including compliance monitoring (e.g., Qualys or equivalent) Proficiency with scripting or infrastructure-as-code tools (e.g., Python, YAML) Experience developing Ansible playbooks (YAML) to automate secure configurations Familiarity with CIS Benchmarks, NIST, DISA STIGS, or vendor-specific hardening guidelines Solid systems knowledge (Linux, Windows, cloud, or networking preferred) A clear, thoughtful communication style and a collaborative approach to problem solving Bachelor’s degree in computer science, engineering, or a related fieldPreferred Qualifications:
Security certifications, such as CISSP, CISM, GIAC, or Cloud Security certifications are preferred Hands on experience administering one or more technology platforms is a plusIn addition to the salary range, this role is also eligible for bonus or incentive opportunities
What’s in it for you
At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
401(k) with company match and Employee stock purchase planPaid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positionsPaid parental leave and family building benefitsTuition reimbursementHealth, dental, and vision insurance Apply Save job