Senior Engineer, Vulnerability Management

Responsibilities

• Assess, prioritize, and drive remediation or alternative treatment of vulnerabilities across technology infrastructure.
• Develop and implement strategies for remediating vulnerabilities in technology assets
• Collaborate with infrastructure operations and application support teams to drive timely response and treatment of vulnerabilities.
• Support the development and implementation of strategies to enhance and mature Enterprise Vulnerability Management processes for vulnerabilities associated with baseline configuration drift and cloud misconfigurations.
• Asses, triage, and prioritize vulnerabilities and associated remediation and mitigation activity using multiple sources of vulnerability, threat, and asset data.
• Maintain documentation repositories related to vulnerability management for use by internal staff and stakeholders.
• Educate system owners to continually improve the knowledge and skills on how best to manage security configuration, patch management and vulnerability management forpany infrastructure systems.

Other duties include :

• Train and / or mentor other team members, and peers as appropriate
• Develop internal tools to increase team efficiencies and continually mature operations.
• May travel minimally as part of training and ongoing vulnerability management capability enhancements.

What you have

Required :

• Bachelor’s degree inputer science or related field or equivalent experience / certification
• 5+ years of information security and / or infrastructure experience that also includes background and knowledge of general security concepts such as defense in-depth, least privilege, etc.
• 3+ years of demonstrated knowledge of vulnerability assessments and reporting including understanding of vulnerability management methodologies and procedures, threat assessment, and remediation management.

Also including knowledge of enterprise vulnerability assessment technologies, like Qualys, RiskFabric, Prisma, Imperva, or similar vulnerability solutions

Preferred :

• Ability to articulate and intimately understand technical andplex information security threats, methodologies, frameworks, technologies, and architectures.
• Knowledge of technological trends and developments in cybersecurity and technology, including latest information security technologies and services such as EDR, SOC, NDR, SIEM, SOAR, and XDR.
• Familiarity with attack and exploitation techniques involving operating systems, applications, and devicesmonly seen in an enterprise environment.
• Knowledge of network fundamentals and protocols to be able to provide input into firewall, intrusion detection / prevention, penetration testing analysis and rmendations.
• Knowledge of security, service, and control frameworks, such as ISO / IEC 27001, NIST, ITIL, SOX, FFIEC, and GDPR.
• Ability to understand and manipulate large data sets to provide analysis and reporting.
• Analytical and problem-solving skills, including the ability tomunicate solutions / alternatives and influence the oue of decisions.
• Information security certifications, including Certified Information Systems Security Professional (CISSP), GIAC certification, or Certified Information Security Manager (CISM);

or willingness to obtain to support job responsibilities.

Experience working in financial services industry, working within a highly regulated environment.

In addition to the salary range, this role is also eligible for bonus or incentive opportunities.

What’s in it for you

At Schwab, we’remitted to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry.

Our approach balances our ongoingmitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer apetitive that takes care of the whole you both today and in the future :

• 401(k) withpany match and Employee stock purchase plan
• Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
• Paid parental leave and family building benefits
• Tuition reimbursement
• Health, dental, and vision insurance

Job ID 1420868751