Senior Staff, Cyber Resilience Oversight
In Corporate Risk Management (CRM), our mission is to execute an independent and coordinated risk management program that supports delivery of predictable long-term financial and operational performance in order to produce successful client and shareholder outcomes. In CRM’s Technology Risk Management (TRM), we support CRM’s mission by managing information and technology risks to protect client assets, client information and firm assets.
The Senior Staff, Cyber Resilience Oversight role reports into the Managing Director of Cyber Resilience Oversight. As a 2nd line of defense function, this position is responsible for collaborating with the broader Threat & Vulnerability Risk Management (TVRM) team as well as 1st line of defense partners to establish, maintain, report on, and continuously mature the Firm’s Cyber Resilience (CR) risk management program, including the Firm’s CR risk management framework.
What you are good at
- Establish, maintain, and mature the CR Oversight roadmap and framework
- Develop policies, standards, methodologies, templates and project plans for implementation of CR program elements
- Partner with 1st line of defense technology teams as well and 2nd line of defense corporate risk partners to ensure sufficient alignment exists between program elements
- Provide an independent voice and effective challenge responsive to identified CR risk, and the risk treatment of said findings
- Champion the inclusion of CR controls within the Firm’s Risk and Control Self-Assessment (RCSA) program by: ensuring technology owners are properly assessing cyber resilience risk in their environments, identifying breaks in the effectiveness of their CR controls, and mitigating discovered gaps
- Partner with other risk oversight functions, technology owners, and 1st line of defense risk managers to drive measurable and sustainable improvements within the control environment
- Create, maintain, and report on Issues/Findings, Action Plans, Risks, and Controls within the IBM OpenPages and/or Archer Governance, Risk, and Compliance (GRC) platform(s).
- Prepare regularly-scheduled and ad-hoc reports for management and risk committees regarding status of risk treatment activities
- Define management reporting requirements and metrics, including risk appetite metrics and key risk indicators
- Participate in strategic and tactical planning with 1st line of defense to mature the Firm’s CR posture
What you have
- 5+ years of experience in, and a solid understanding of, any of the following: Cyber Resilience, Data Center Operations, Business Continuity Management, Cybersecurity, Operational Risk Management, Third-Party Risk Management, IT Risk/Control, and/or IT Audit domains,
- Experience with Internal Audits, SSAE16, SOX, and/or regulatory assessments
- Understanding of control frameworks, industry standards, and regulatory guidance, including: NIST CSF, NIST SP800-53, ISO 27001, FFIEC, COBIT, ITIL, etc.
- Understanding of the ‘Three Lines of Defense’ governance model
- Understanding of benefits gained and challenges posed by public cloud infrastructure as it relates to the Firm’s resilience posture
- Familiarity and experience working within Governance, Risk, and Compliance (GRC) platforms, ideally IBM OpenPages
- Ability to assess and effectively communicate the operational, technical, and financial impact of findings and control issues to executive and business leadership, using language that is relevant to and understandable by the business
- Broad, high-level understanding of the retail and institutional broker/dealer and banking industry, including technology, back-office operations, and servicing
- Ability to lead multiple efforts simultaneously across a large matrixed environment
- CISSP, CISM, CISA, CRISC, or equivalent certifications
- BS degree in related fields preferred (Cybersecurity, Computer Science, etc.)
At Schwab, “Own Your Tomorrow” embodies everything we do! We are committed to helping our employees unleash their potential and achieve their dreams. Our employees get to play a central role in disrupting a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth. We’re a modern financial services firm that stands apart from the industry, where you can go as far as your ambition takes you.
Hear from employees: What’s it like to work at Schwab!
The benefits of working at Schwab: a package designed to empower your health, wealth, career and life.
Schwab is committed to building a diverse and inclusive workplace where everyone feels valued.
As an equal employment opportunity employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. (Please click here to see policy.)
Schwab is also an affirmative action employer, focused on advancing women, minorities, veterans, and individuals with disabilities in the workplace.
We believe diversity and inclusion are part of our success as a company and our purpose of serving every client with passion and integrity.
Why work for us?
Own Your Tomorrow embodies everything we do! We are committed to helping our employees ignite their potential and achieve their dreams. Our employees get to play a central role in reinventing a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth.
Benefits: A competitive and flexible package designed to empower you for today and tomorrow. We offer a competitive and flexible package designed to help you make the most of your life at work and at home—today and in the future. Explore further.
Schwab is committed to building a diverse and inclusive workplace where everyone feels valued. As an Equal Opportunity Employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. Please click here to see the policy.
Schwab is an affirmative action employer, focused on advancing women, racial and ethnic minorities, veterans, and individuals with disabilities in the workplace. If you have a disability and require reasonable accommodations in the application process, contact Human Resources at email@example.com or call 800-275-1281.
TD Ameritrade, a subsidiary of Charles Schwab, is an Equal Opportunity Employer. At TD Ameritrade we believe People Matter. We value diversity and believe that it goes beyond all protected classes, thoughts, ideas, and perspectives.