Charles Schwab Technical Director - SIEM Management in Fort Worth, Texas
Fort Worth - TX, TX13601F, 13601 North Freeway, 76177
Sarah L Timms
We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established by Chuck (http://www.aboutschwab.com/about/leadership/charles_schwab) over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
As the Technical Director, you are expected to serve as a ‘first line of defense’ strategic technical resource and provide awareness of, and response to, internal and external threats and trends in direct partnership with the Threat Management and Monitoring team, and through continuous review/growth of the following knowledge: security incident and event management (SIEM), security monitoring, security analytics, enterprise incident management, security aspects of the financial and other applicable industries, technologies, regulations, and business practices in light of rapid technology advances and regulatory reform; industry information security frameworks, best practices, and reporting methods in response to increasing demand for transparency and accountability; and the Firm’s business strategy, information assets, changing technology, and security risks/controls. Technical Directors are also expected to promote a team spirit and enthusiastic work attitude, promote positive thinking, maintain ongoing open dialog, and foster the ideas and talents of others.
What you’ll do:
Play a critical role in assisting the SIEM Management and Monitoring and Security Analytics teams in driving information security to the next level. At Schwab, this role plays an essential part in safeguarding our clients’ data, their future, and our brand by identifying highly technical risks within systems and applications. This role is responsible for:
Maturing and providing technical leadership for ‘first line of defense’ security incident and event monitoring & response functions involving highly tactical, technical, and defensive incident response processes and technologies
Maintain laser focus on maturing and building comprehensive, highly technical, automated/orchestrated and manual defensive practices using a variety of commercial, open source, and highly customized homegrown tooling
Help develop and participate in a collaborative approach to threat hunting, threat monitoring and analysis, and appropriate remediation activities in a direct ‘first line of defense’ partnership with Security Operations
Providing valuable intelligence via feedback loops into the Firm’s Cyber Threat Intelligence functions
Mature and manage a scalable and repeatable enterprise security incident response methodology
Identify improvements to business processes and methodologies
Provide technical expertise and leadership to the security professionals on your team
Interface with peer departments within Security Technology & Operations, audit, as well as IS Risk Management and technical platform teams to address concerns, and provide consultation to Governance functions on risks and escalations
Ensure that company-wide intelligence is consistently integrated into the threat model – determine threat impacts across business and technology lines
Review incident reports, determine their severity, and socialize accordingly to help facilitate long-term remediation
Build positive, productive relationships with business and technology leadership
Other responsibilities include guiding execution of all aspects of their team's strategy, delivery of services, maintaining quality, and stakeholder satisfaction. Job duties include assisting leadership in establishing the strategic direction of work teams or service lines, providing direction on the team's design and implementation of new or enhanced processes and tools, and discovery and analysis of business or system information. Also, helps identify and evaluate security and solution implications across multiple business and technology areas.
What you have:
Minimum of 8 years of experience in one or more of the following areas is required: Information Security, Enterprise Security Monitoring & response (Blue Team), Information Technology, project management, business or security informatics, penetration testing, threat intelligence, audit & assurance, Enterprise Risk Management, Corporate Compliance, security architecture/design strategy, policy or controls development, compliance readiness assessments (i.e. PCI, SOX, GLBA, FFIEC, etc.), system analysis and implementation, or related function.
Previous experience as a technical leader within an enterprise security incident response function is required.
Expert understanding of enterprise level Security Incident and Event Management (SIEM) management and monitoring best practices
Expert understanding of application/system/infrastructure security monitoring and applicable toolsets
Expert understanding of and hands-on capabilities with Splunk
Thorough understanding of network protocols
Mastery of Mac, *nix, Windows, and mobile operating systems
Experience with programming/scripting languages
Knowledge of the current threat landscape
Knowledge of network based services and client/server applications
Knowledge of enterprise systems, network and security infrastructure
Other Required Skills:
Exceptional administrative, organizational and problem solving skills
Ability to successfully interface with leadership and engineers alike
Ability to document and explain technical details to technical staff and executives
Background in operational information security disciplines (e.g. application security assessment, penetration testing, vulnerability management, or threat research)
Experience in leveraging intelligence feeds and products to prioritize blue team response functions
Basic understanding of big data analytics
Desired Certifications: CISSP, CISM, GCIA, GCFA, GREM or security equivalent.
You demonstrate these behaviors:
Passion: Have a passion for what you do, and are proud of what you help the team accomplish. Always learning and growing.
Integrity: Be accountable for your actions, successes, and failures. Follow through on deliverables as promised.
Organized: Well organized and systematic approach to work. Tracks work in an organized manner and can communicate plans and progress with clear documentation.
Innovative: Defines a compelling vision of the future, and develops breakthrough ideas, whether big or small, that support that vision.
Disciplined: Highly disciplined in how resources are used; designs and champions ideas to drive efficiency.
Courageous: Displays confidence and courage in talent and business decisions, actions, and communications; does the difficult or unpopular when it’s right.
Collaborative: Capitalizes on the diverse experience and expertise of colleagues and builds commitment around vision and priorities.
What you’ll get:
Comprehensive Compensation and Benefits package
Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
Not just a job, but a career, with an opportunity to do the best work of your life
Learn more about Life@Schwab at http://www.aboutschwab.com/careers/lifeatschwab/.
Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law. Schwab also does not discriminate against applicants or employees because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. At Schwab, we believe that every employee, through their diverse abilities and experiences, can contribute to our growth, innovation and client loyalty. We embrace diversity and are committed to providing equal opportunity to all employees and applicants. If you have a disability, and require reasonable accommodations in the application process, call Human Resources at 800-725-3535. We will be happy to assist you. Schwab will only share your accommodation request with those individuals who have a specific need to know. The request for an accommodation will not affect Schwab's hiring decisions. All other submissions should be performed online.
Relocation Offered?: No
Work Schedule: Days
Languages: English - spoken
Current Licenses / Certifications: None
Relevant Work Experience: IT-Other Specialty Engineering-6+ yrs
Position Located In: TX - Dallas, TX - Ft Worth, TX - Westlake
Job Type: Full Time
Activation Date: Tuesday, June 5, 2018
Expiration Date: Thursday, September 6, 2018