At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
In Technology Risk Management (TRM), a part of Corporate Risk Management (CRM), we partner with technology and business teams who are implementing technologies and processes to ensure the risks associated with the use of these are identified and managed. We do this to ensure we meet our corporate risk appetite, following an established framework for identifying, evaluating, measuring, monitoring, and reporting that risk in order to protect client assets, client information, and firm assets. You will bring an understanding of technologies in the identity, authentication, and access management space to identify the risks associated with use of these technologies and determine if risks are sufficiently managed.
The Senior IT Risk Manager, Identity & Access Management, as a second line function, is responsible for a) proactively identifying, measuring, assessing and reporting on risks associated with managing the identity lifecycle, managing access to information resources, and authentication/authorization mechanisms b) overseeing identity and access risk management policy, assessing adherence to policy, and reporting maturity progress to management, c) assessing ongoing adherence to security standards and best practices by conducting recurring and ad-hoc risk assessments on platforms, applications, and processes and d) providing consultation/guidance to our first line partners on policy and standard requirements and best practices to reduce risk.
What you’ll do:
Conduct policy/standard oversight; collaborate with technology and business teams to assure risks and risk management requirements are understood; assess IAM processes for compliance with published standards, regulatory requirements, and best practices; perform risk assessments and testing where appropriate.Identify risks, examine control portfolios (and their underlying processes), and assess whether these are designed sufficiently to and are effectively reducing risk to levels within the firm’s risk appetite. Assist business partners through the risk response process by documenting gaps as issues, providing input to remediation plans and/or risk acceptances, and providing oversight for the management/lifecycle of these gaps.Maintain and evolve the measurement of RAMMs/KPIs/KRIs to monitor risk reduction.Assess the IAM risk management space, including roadmaps and projects, on a periodic basis to evolve strategy to adapt to emerging threats and capabilities.Collaborate with technology and business teams to ensure creation of IAM policies and standards reflecting the firm’s risk appetite and best practices to ensure robust risk management.Work with leadership, internal auditors, and regulators to articulate our IAM risk management framework, execution progress, and how these risks are managed at Schwab.Exemplify professionalism and a collaborative spirit in working with fellow risk management professionals and especially with our business partners to help them understand the benefit of identifying and managing risks to support business initiatives.
We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site four days per week in the specified locations.
Applicants must be currently authorized to work in the United States on a full-time basis without employer sponsorship.
What you haveTo ensure that we fulfill our promise of “challenging the status quo,” this role has specific qualifications that successful candidates should have.
Required Qualifications:
5+ years of experience in an Information Technology, Information Security, IT Risk Management, or Technology Audit fieldExperience working within the identity and access management technology space and a working knowledge of aspects such as provisioning, entitlements, certification, privileged access management, authentication, and other technologies in this spaceExperience with data analysis and reporting, with sharp analytical skills and strong attention to detail and accuracyAbility to effectively communicate with technical and executive audiences; both oral and written is required with demonstrated presentation skillsExperience working with partners at all levels and across functional lines (audit, risk management, technology teams and business teams) to bring diverse points of view togetherAbility to work independently and proactively, with minimal guidanceAbility to work on multiple projects simultaneously while prioritizing based on risk/business needs with effective organizational and time management skillsStrong interpersonal, analytical, problem-solving, influencing, prioritization and conflict resolution skillsFamiliarity with audit and testing practicesBachelor’s degree
Preferred Competencies:
CISSP, CISA, CISM, CRISC, or equivalent certification strongly preferred3+ years of experience in a risk, supervision/controls, compliance, or audit function2+ years of experience in financial servicesKnowledge of risk control frameworks such as NIST, ISO as well as regulatory and industry requirements such as FFEIC, GLBA, PCIExperience with GRC and Workflow tools such as IBM OpenPages or RSA Archer and Policy Tech or Policy HubExperience interfacing with auditors in support of audits Options Apply for this jobApplyShareRefer a friendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeedWhy work for us?
At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry.
We offer a competitive benefits package to our full-time employees that takes care of the whole you – both today and in the future:
401(k) with company match and Employee stock purchase plan Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions Paid parental leave and family building benefits Tuition reimbursement Health, dental, and vision insurance Application FAQsSoftware Powered by iCIMS
www.icims.com