Skip to main content
Saved Jobs 0
Search Jobs

Search Jobs

Senior Technology Risk Manager, Identity Access Management

Location Westlake, Texas, United States; Austin,Texas,United States;Phoenix,Arizona,United States;Jersey City,New Jersey,United States;Omaha,Nebraska,United States; Requisition ID 2021-74258 Category Risk Position Type Regular
Apply Now

Your Opportunity

In Corporate Risk Management (CRM), we develop a framework for how much risk we are willing to accept as a firm and establish processes for identifying, evaluating, measuring, monitoring, and reporting against that framework. As a division of CRM, Technology Risk Management (TRM) supports that framework across information and technology systems to protect client assets, client information, and firm assets.

Workplace Flexibility Program: We're proud to support our employees in a working approach that allows you to bring your best self to work – whether that’s in the office or remote.

  • Most Schwabbies have the opportunity to voluntarily work in the office or at home based on their preference, through the remainder of 2021.*
  • When the firm is ready to fully return to the office, employees will have the flexibility of a hybrid work environment, spending some time working remote and some time in the office.
  • Employees and managers can discuss and decide what works best for them, with additional flexibility available based on their role, business needs, and individual circumstances.

*Subject to change as Schwab is continually evaluating the current environment in order to best care for the safety and well-being of our employees.

What you are good at

The Technology Risk Manager Senior, Identity & Access Risk Management (IARM), as a second line function, is responsible for a) proactively identifying, measuring, assessing and reporting on risks associated with managing the identity lifecycle, managing access to information resources, and authentication/authorization mechanisms, b) executing identity and access risk management policy, overseeing and assessing adherence to policy, and reporting maturity progress to management, c) assessing ongoing adherence to security standards and best practices by conducting recurring and ad-hoc risk assessments on platforms and applications, and d) providing consultation/guidance to our first line partners on policy and standard requirements and best practices to reduce risk.

Responsibilities include:

Partner with technology and business teams to assure policy compliance is communicated and path forward is understood.

Conduct policy oversight, collaborating with business and technology teams to document risk management requirements, assess IAM processes for compliance with published standards, and perform risk assessments where appropriate.

Identify risks, examine control portfolios (and their underlying processes), and assess whether these are designed sufficiently to reduce risk to levels within the firm’s risk appetite.

Maintain and evolve the measurement of KPI’s/KRI’s to monitor risk reduction.

Assess the identity & access risk management space on a periodic basis to evolve the strategy to adapt to emerging threats and capabilities.

Principle Duties and Responsibilities

Provide Effective Challenge & Policy Oversight:

Articulate identity & access risk management strategies that continuously monitor and improve the security posture of customer-facing and internally facing applications and information resources. Effectively challenge 1st line of defense roadmaps to continuously improve responses to the changing risk landscape.

Collaborate with business and technology teams to create and maintain identity & access risk management policies and standards reflecting the firm’s risk appetite and industry best practices to assure robust controls.

Provide credible risk assessments and independent reporting:

Liaison with product management and technology to assure risk management requirements are considered throughout the identity lifecycle and across the portfolio of systems at the firm.

Conduct oversight on identified gaps and remediation activities and provide reporting to business, technology, and risk management leaders. Provide support to keep mitigation plans on track for timely delivery.

Participate in continuous monitoring of adherence to Identity and Access and other policies and standards.

Work with internal auditors and regulators to articulate our identity and access risk management framework, execution progress, and how these risks are managed at Schwab.

Assist with identification and mitigation strategies for areas of non-compliance with information security policy and standards.

Build and Maintain Relationships:

Align with stakeholders from all three lines regarding information security risks to the business units.

Partner with risk, business, and technology leaders to identify key issues, trade-offs and impacts to planned investments and projects.

What you have

  • Bachelor’s degree plus CISSP, CISM, or equivalent certification is preferred
  • 3+ years’ experience in the Information Security field
  • Experience working with authentication and authorization mechanisms, multi-factor authentication tools and strategies, identity providers, and managing privileged access risks. Working knowledge of these technologies, potential flaws and risks, and best practices to implement solutions that reduce risk.
  • Knowledge of risk control frameworks such as NIST, ISO as well as regulatory and industry requirements such as GLBA, PCI, FFIEC
  • Experience with data analysis and reporting
  • Ability to effectively communicate with technical and executive audiences; both oral and written is required
  • Experience interfacing with auditors in support of audits is required
  • Experience with working with partners at all levels and across functional lines, bringing diverse points of view together
  • Thrive in a constantly evolving environment and meet critical commitments under pressure
  • Conduct metrics and status reporting
  • Experience with GRC and Workflow tools such as IBM OpenPages or RSA Archer and Policy Tech or Policy Hub will be a plus
  • Ability to work independently and proactively, with minimum guidance
  • Ability to work on multiple projects simultaneously while prioritizing based on risk/business needs
  • Effective organizational and time management skills
  • Excellent interpersonal, written, and verbal communication skills; demonstrated presentation skills
  • Sharp analytical skills and strong attention to detail and accuracy
  • Strong interpersonal, analytical, problem-solving, influencing, prioritization and conflict resolution skills
  • 3+ years of experience in a risk, supervision/controls, compliance, or audit function
  • 2+ years of experience in financial services
  • Experience analyzing data and preparing solutions based on sound facts and findings
  • Self-starter with a can-do attitude who is capable of building relationships within a matrixed organization

Preferred Competencies:

CISSP, CISA, CISM, CRISC, or equivalent certification

Why work for us?

Own Your Tomorrow embodies everything we do! We are committed to helping our employees ignite their potential and achieve their dreams. Our employees get to play a central role in reinventing a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth.

Benefits: A competitive and flexible package designed to empower you for today and tomorrow. We offer a competitive and flexible package designed to help you make the most of your life at work and at home—today and in the future. Explore further.

Schwab is committed to building a diverse and inclusive workplace where everyone feels valued. As an Equal Opportunity Employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. Please click here to see the policy.

Schwab is an affirmative action employer, focused on advancing women, racial and ethnic minorities, veterans, and individuals with disabilities in the workplace. If you have a disability and require reasonable accommodations in the application process, contact Human Resources at or call 800-275-1281.

TD Ameritrade, a subsidiary of Charles Schwab, is an Equal Opportunity Employer. At TD Ameritrade we believe People Matter. We value diversity and believe that it goes beyond all protected classes, thoughts, ideas, and perspectives.

Apply Now