Charles Schwab
Your opportunity
At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).
The
Cyber Assessments and Resilience Team
is a first line of defense team within Schwab Cybersecurity Services, focused on ensuring that services and applications across Schwab’s portfolio are assessed for technology risk, cybersecurity risk, and privacy compliance.
This role will focus on conducting cybersecurity assessments, specifically
evaluating cloud security controls
and conducting
Privacy Impact Assessments (PIAs)
to safeguard client data, meet regulatory obligations, and strengthen Schwab’s cyber resilience posture. The role may also participate in other cybersecurity assessments as needed.
What You’ll Do As a
Cloud & Privacy Risk Assessment Manager , you will:
Evaluate cloud security controls
across public, private, and hybrid environments using industry frameworks (CSA CCM, CIS Benchmarks, NIST CSF).
Conduct Privacy Impact Assessments (PIAs)
for new and existing applications, ensuring compliance with GDPR, GLBA, CCPA, and other applicable regulations.
Partner with
privacy, legal, and data governance teams
to identify and mitigate privacy risks in technology solutions.
Review
data flows and storage locations
in cloud architectures to validate encryption, access controls, and data residency requirements.
Maintain expertise in
cloud-native security services
(AWS, Azure, GCP) and emerging privacy technologies.
Translate technical control gaps into
risk-based language
for remediation and executive reporting.
Prepare detailed
risk assessment reports
and deliver executive-level presentations outlining cloud and privacy risk posture, trends, and remediation status.
Perform
continuous monitoring
of identified gaps and provide regular updates to senior management.
Drive
automation initiatives
for cloud control validation and PIA workflows.
Contribute to the development of
cloud and privacy risk metrics
for dashboards and regulatory reporting.
Advocate and promote awareness of
cloud security and privacy risks
across business and technology teams.
What You’re Good At
Building strong relationships and partnering closely with security, privacy, and technology teams across Schwab.
Communicating complex technical and regulatory concepts in clear, actionable terms.
Driving continuous improvement in assessment processes, reporting, and automation.
Working independently and collaboratively in a fast-paced, results-oriented environment.
Required Qualifications
3–5 years
of experience in information security, risk assessment, or privacy compliance, with hands‑on experience in
cloud security assessments
and
PIAs .
Strong knowledge of
cloud platforms
(AWS, Azure, GCP) and associated security controls.
Familiarity with
privacy‑by‑design principles
and data protection laws (GDPR, CCPA, GLBA).
Expertise in information security best practices and technology risk management disciplines.
Experience with frameworks such as
CSA CCM ,
ISO 27001 , and
NIST CSF .
Working knowledge of software development practices and technologies.
Ability to develop and present
risk metrics and executive dashboards .
Excellent analytical and technical skills; able to research problems, determine root causes, and propose solutions.
Experience using collaboration platforms such as
MS SharePoint, PowerBI, PowerAutomate, and Jira .
Bachelor’s Degree in Computer Science or related discipline.
Relevant certifications or ability to obtain:
CISSP ,
CCSP ,
CIPT ,
CISM , or
CRISC .
Preferred Qualifications
Experience with
cloud compliance automation tools .
Knowledge of
data residency and cross-border data transfer requirements .
Familiarity with
privacy‑enhancing technologies .
What’s in it for you At Schwab, you’re empowered to shape your future. We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration—so you can build the skills to make a lasting impact. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
401(k) with company match and Employee stock purchase plan
Paid time for vacation, volunteering, and 28‑day sabbatical after every 5 years of service for eligible positions
Paid parental leave and family building benefits
Tuition reimbursement
Health, dental, and vision insurance
#J-18808-Ljbffr
We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).
The
Cyber Assessments and Resilience Team
is a first line of defense team within Schwab Cybersecurity Services, focused on ensuring that services and applications across Schwab’s portfolio are assessed for technology risk, cybersecurity risk, and privacy compliance.
This role will focus on conducting cybersecurity assessments, specifically
evaluating cloud security controls
and conducting
Privacy Impact Assessments (PIAs)
to safeguard client data, meet regulatory obligations, and strengthen Schwab’s cyber resilience posture. The role may also participate in other cybersecurity assessments as needed.
What You’ll Do As a
Cloud & Privacy Risk Assessment Manager , you will:
Evaluate cloud security controls
across public, private, and hybrid environments using industry frameworks (CSA CCM, CIS Benchmarks, NIST CSF).
Conduct Privacy Impact Assessments (PIAs)
for new and existing applications, ensuring compliance with GDPR, GLBA, CCPA, and other applicable regulations.
Partner with
privacy, legal, and data governance teams
to identify and mitigate privacy risks in technology solutions.
Review
data flows and storage locations
in cloud architectures to validate encryption, access controls, and data residency requirements.
Maintain expertise in
cloud-native security services
(AWS, Azure, GCP) and emerging privacy technologies.
Translate technical control gaps into
risk-based language
for remediation and executive reporting.
Prepare detailed
risk assessment reports
and deliver executive-level presentations outlining cloud and privacy risk posture, trends, and remediation status.
Perform
continuous monitoring
of identified gaps and provide regular updates to senior management.
Drive
automation initiatives
for cloud control validation and PIA workflows.
Contribute to the development of
cloud and privacy risk metrics
for dashboards and regulatory reporting.
Advocate and promote awareness of
cloud security and privacy risks
across business and technology teams.
What You’re Good At
Building strong relationships and partnering closely with security, privacy, and technology teams across Schwab.
Communicating complex technical and regulatory concepts in clear, actionable terms.
Driving continuous improvement in assessment processes, reporting, and automation.
Working independently and collaboratively in a fast-paced, results-oriented environment.
Required Qualifications
3–5 years
of experience in information security, risk assessment, or privacy compliance, with hands‑on experience in
cloud security assessments
and
PIAs .
Strong knowledge of
cloud platforms
(AWS, Azure, GCP) and associated security controls.
Familiarity with
privacy‑by‑design principles
and data protection laws (GDPR, CCPA, GLBA).
Expertise in information security best practices and technology risk management disciplines.
Experience with frameworks such as
CSA CCM ,
ISO 27001 , and
NIST CSF .
Working knowledge of software development practices and technologies.
Ability to develop and present
risk metrics and executive dashboards .
Excellent analytical and technical skills; able to research problems, determine root causes, and propose solutions.
Experience using collaboration platforms such as
MS SharePoint, PowerBI, PowerAutomate, and Jira .
Bachelor’s Degree in Computer Science or related discipline.
Relevant certifications or ability to obtain:
CISSP ,
CCSP ,
CIPT ,
CISM , or
CRISC .
Preferred Qualifications
Experience with
cloud compliance automation tools .
Knowledge of
data residency and cross-border data transfer requirements .
Familiarity with
privacy‑enhancing technologies .
What’s in it for you At Schwab, you’re empowered to shape your future. We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration—so you can build the skills to make a lasting impact. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
401(k) with company match and Employee stock purchase plan
Paid time for vacation, volunteering, and 28‑day sabbatical after every 5 years of service for eligible positions
Paid parental leave and family building benefits
Tuition reimbursement
Health, dental, and vision insurance
#J-18808-Ljbffr