Specialist, Technology Risk Management
The Schwab Cybersecurity Services (SCS) team is responsible for implementing the firm’s cybersecurity strategy, which includes security architecture, security operations monitoring (SOC), cybersecurity incident response, implementing and operating the necessary security tools, controls and approaches to meet policies and standards, and regulatory support for all of Technology.
Reporting to the Sr. Manager, the Specialist, Technology Regulatory Management will be responsible for supporting the coordination and execution of Regulatory engagement activities, including regulatory exams, continuous monitoring meetings, and MRA (Matters Requiring Attention) remediation monitoring and reporting.
What you are good at
The Specialist, Technology Risk Management, in collaboration with Cybersecurity Risk Governance (CRG) leadership, will also:
- Support the execution of the Regulatory Program within Schwab’s Regulatory Management team
- Follow and help enhance processes and procedures that govern the Regulatory Program
- Contribute to defining, planning, orchestrating, and delivering regulatory initiatives including legal, operational, and information technology deliverables
- Provide assistance in managing the scope of regulatory projects to ensure commitments are achieved within agreed-upon time, cost, and quality parameters
- Liaise with internal stakeholders in STS, Compliance, the Regulatory Liaison Office, etc. under the guidance of the Sr. Manager
- Evaluate regulatory and audit items and provide suggested recommendations on remediation approach
- Help coordinate concurrent regulatory and/or audit activities through collaboration with internal stakeholders
- Participate in cross-organizational meetings to ensure progress is on plan to target
- Assist with regulatory gap assessments against current state
- Help to facilitate content development for reports and communications going to regulators and Senior Management
- Support the cybersecurity incoming due diligence (IDD) process, as needed, whereby responses will be gathered for IDD questions
- Support other CRG leaders with ad hoc projects, as needed, such as collaborating with our SCS partners on risk identification, controls readiness and enhancement activities, and/or issue management
What you have
- 5+ years of relevant experience in the disciplines of information security, risk assessment activities, IT audit, and/or security compliance with hands-on experience in compliance initiatives
- or 3+ years’ experience with professional services, such as Big 4 or other consulting firms
- Knowledge of and familiarity with a broad range of IT and information security products and technologies such as Identity and Access Management, Vulnerability Management, Logging and Monitoring, Application Security, and how to apply them to compliance requirements
- Familiarity with the major IT internal control and security frameworks (NIST, FFIEC, etc.), and key risks in those areas
- Working knowledge of workflow automation tools (Appian, CyberGRX, RFP360, etc.)
- Working knowledge of risk governance methodologies
- Previous experience in the financial services or regulatory industry
- Information security certification is preferred but not required: CRISC, CISM, CISA, etc.
- Ability to recognize project/progress barriers and resolve them effectively
- Proven ability to quickly build relationships and earn the trust of business partners
- Ability to organize teams, establish direction and approach, resolve conflict, deliver tough messages with grace
- Ability to navigate a highly matrixed organization effectively
- Strong ability to work within a distributed team setting
- Sound business and technical acumen
- Ability to communicate verbally and in writing at all levels within the organization, including with regulators, with clarity and precision
- Ability to work autonomously within a distributed team setting in a dynamic work environment that often requires management/completion of multiple concurrent tasks within close deadlines and high demands, with a high degree of accuracy and detail.
- Flexibility to quickly switch tasks, take on special projects, accurately assess status, and devise a reasonable strategy for completion
- Focused and versatile team player that is comfortable under pressure
- Excellent problem-solving and critical-thinking skills
- Bachelor’s Degree in a related field
Why work for us?
Own Your Tomorrow embodies everything we do! We are committed to helping our employees ignite their potential and achieve their dreams. Our employees get to play a central role in reinventing a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth.
Benefits: A competitive and flexible package designed to empower you for today and tomorrow. We offer a competitive and flexible package designed to help you make the most of your life at work and at home, today and in the future.
Schwab is committed to building a diverse and inclusive workplace where everyone feels valued. As an Equal Opportunity Employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law.
Schwab is an affirmative action employer, focused on advancing women, racial and ethnic minorities, veterans, and individuals with disabilities in the workplace. If you have a disability and require reasonable accommodations in the application process, contact Human Resources at firstname.lastname@example.org or call 800-275-1281.
TD Ameritrade, a subsidiary of Charles Schwab, is an Equal Opportunity Employer. At TD Ameritrade we believe People Matter. We value diversity and believe that it goes beyond all protected classes, thoughts, ideas, and perspectives.