Security Development Operations Engineer

Your opportunity

In Schwab Cybersecurity Services (SCS), Office of CISO, we provide platforms, services, and security operations capabilities which enable the firm to produce successful client and shareholder outcomes securely and safely. Securing our IT assets, data, and access to applications is the core of who we are and what we do.  We ensure only the appropriate entities have access to IT resources and that we adhere to best practices and standards to ensure a safe and compliant environment is maintained. 

The Network Security team within SCS has an opening for a Network Security Engineer.  You will be responsible for mentoring and leading initiatives with a diversified team of security engineering professionals. As a Lead, you will be directing Engineering tasks, implementing, and maintaining security measures throughout the Software Development Lifecycle (SDLC), focusing on areas like security-by-design, secure coding practices and automating maintaining network security capabilities including segmentation, zero trust, network and platform resiliency, enhanced network visibility and implementation of solutions to address security control gaps. All while playing a crucial role in enabling product and project teams to build secure applications by collaborating with them to understand their needs and integrate security products and processes. This includes automating security testing and compliance checks within CI/CD pipelines. Strong analysis and troubleshooting skills will be vital to identify root causes and help application teams and business partners address security issues effectively. You will be responsible for providing input on and setting up secure development best practices, processes, and tools to ensure high-priority initiatives are completed with a sense of urgency, with security embedded from the start. In addition to this, this position will be responsible for giving input on and setting up development best practices, processes, and tools to ensure high priority initiatives are completed with a sense of urgency. Our ideal candidate is a self-starter who can lead multiple parallel initiatives – big and small - with attention to detail, meet business partner expectation and is passionate about the development and implementation of network security solutions, system reliability, forensic examination, analysis, incident handling and triage. Candidate must have implementation expertise in network security controls and has worked in a large-scale enterprise environment including experience in traditional data centers, private and public cloud.

What you are good at

• Partner with Schwab counterparts to implement designs and technologies that reduce network security deficiencies and deliver on the network strategy.
• Translate/engineer architectural requirements and high-level design into a deployable and manageable implementation.
• Develop technical solutions to ensure 3rd party partners connect to us in a way that protects our systems and client data.
• Participate in development, implementation of security design & engineering principles and standards and build a network strategy that leaps the enterprise into a next gen approach
• Assists IT operations and security owners to implement scalable security capabilities and processes.
• Expertise in the implementation of public cloud solutions and services as well as next generation access such as SASE architecture principles.
• Be highly visible in the security and infrastructure communities at Schwab.
• Demonstrated ability to define and communicate technical strategy/vision and influence across Schwab is essential. As well as effectively encourage and influence teams and partners in delivering technology-enabled business solutions that meet business needs.
• Demonstrate a dedication to integrity and ethics, process improvement, and customer satisfaction.
• Ability to build positive relationships and promote change, collaboration, to coach, mentor, and provide direct, timely feedback.

What you have

Required Qualifications:

• 5-8 years highly technical experience with engineering roles, security development, and operations (SecDevOps) spanning traditional data center and cloud-based solutions.
• Python, Punisher, Vis Studio, Zscaler & Akamai experience,

• DevSecOps experience - The ability to use automation to drive delivery by leveraging APIs, policy as code (Terraform, Ansible, or SaltStack). If no prior experience, must be open to training / understanding automation to get to desired state work.
• Experience in the following

• Captive Portal integration
• Zscaler ZCC Dashboard
• SOC-URL Blocking
• Zscaler alerts Moogsoft and Xmatters
• FastAPI worker standardization
• Zscaler config Backup Automation
• Zscaler platform feed and alert notification
• Zscaler platform Active Monitoring
• Zscaler logging, Metrics, and Alerting
• Terraform IaC tool for configuration provisioning
• Resiliency automation
• IoT & oT 

• A strong passion for continued learning, remaining current on industry trends, and evolving best practices.
• Working knowledge of the NIST CSF and industry security standards.
• The ability to persuade others, often at senior levels, to adopt a different point of view.

• Solid understanding of Agile/scrum environment producing incremental deliveries.
• Bachelor’s Degree in computer science or similar.
• Demonstrated success in a complex enterprise environment.
• Excellent verbal and written communications skills with the ability to partner and collaborate with other teams effectively across the enterprise. Ability to think and work independently.
• CCIE, CISSP or prior financial services experience a plus.