At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
We are expanding our Insider Threat Operations Team. This role supports and analyzes threat detection for the Cybersecurity Defense Insider Threat program.
This resource will work with a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology. This resource will also utilize understanding of Insider Threat and DLP principles to identify trends and patterns which can assist in the development of new detection rules and models.
The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 4 or more days per week and the flexibility to work outside the office location for the other day.
What you haveYou are discreet, thoughtful, and seek to coordinate systemic, cross functional solutions to mitigate risk. You are adept at translating complex problems into ‘byte-sized’, readily implemented (and preferably automated) solutions. You are familiar with Insider Threat technologies (such as Security Information Event Management - SIEM, User Entity Behavioral Analytics - UEBA, Endpoint Detection and Response - EDR, Data Loss Prevention - DLP) and have an understanding of investigations and/or the intelligence cycle.
Your opportunity:
At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
We are expanding our Insider Threat Operations Team. This role supports and analyzes threat detection for the Cybersecurity Defense Insider Threat program.
This resource will work with a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology. This resource will also utilize understanding of Insider Threat and DLP principles to identify trends and patterns which can assist in the development of new detection rules and models.
The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 4 or more days per week and the flexibility to work outside the office location for the other day.
What you have:
You are discreet, thoughtful, and seek to coordinate systemic, cross functional solutions to mitigate risk. You are adept at translating complex problems into ‘byte-sized’, readily implemented (and preferably automated) solutions. You are familiar with Insider Threat technologies (such as Security Information Event Management - SIEM, User Entity Behavioral Analytics - UEBA, Endpoint Detection and Response - EDR, Data Loss Prevention - DLP) and have an understanding of investigations and/or the intelligence cycle.
Required qualifications:
Understanding of computer networking concepts, communication protocols, primary threat actor attack methods and tools
Competent in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results, and analyzing findings to provide viable threat intelligence
Ability to understand and learn technical specifications, system requirements and other application design information as needed
Detail-oriented person who is passionate about quality and is enthusiastic about innovative technology offerings
Strong verbal and written communication skills and you are comfortable composing briefs and assessments for leadership
Familiar with analytical programming languages such as SQL
Ability to thrive in ambiguity and rapid change
Comfortable with process flow diagrams
Familiar with applying Agile Methods
Basic understanding of a variety of security and compliance policies and incident response processes
Experience monitoring and analyzing Data Loss Prevention (DLP) and Database Activity Monitoring (DAM) incidents to ensure compliance with company policies
6 months+ of Schwab technology domain experience gained as a current or recent contractor or employee
Ability to exercise sound judgment when determining which events require follow-up response or escalation
Comfortable working with internal customers to respond to escalations
Maintaining incident documentation, analyzing incident trends
Experience maintaining and generating audit evidence for internal and external regulatory compliance
Ability to function as a technical conduit between IT and the business
Preferred qualifications:
4 - 7 years related experience including developing requirements, designing, and executing test cases in insider threat and data loss prevention
Bachelor’s degree in computer science or related field
What’s in it for you:
At Schwab, we’re committed to empowering our employees’ personal and professional success.Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry.Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
Base salary + bonus opportunity (for eligible positions)
401(k) with company match and Employee stock purchase plan
Paid time for vacation, volunteering, and a 4-week sabbatical after 5 years of service for eligible positions
Paid parental leave and family building benefits
Tuition reimbursement
Health, dental, and vision insurance
What’s in it for you
At Schwab, you’re empowered to shape your future. We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration—so you can build the skills to make a lasting impact. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
401(k) with company match and Employee stock purchase planPaid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positionsPaid parental leave and family building benefitsTuition reimbursementHealth, dental, and vision insurance Apply Save job