Program Manager (IC), Vulnerability Management Operations

Your opportunity

At Charles Schwab, our purpose is simple: we champion client’s goals with passion and integrity. Guided by honesty, mutual respect and a commitment to doing what’s right, we bring innovation, education, and service together to help shape financial futures. Our people are the foundation of our success – they approach their work with curiosity and collaboration, coming together to create solutions that make a meaningful impact for clients and communities. As we expand into India, we are bringing this same culture of inclusion, learning, and opportunity to new talent. Joining us means becoming part of a global team where your work matters and your future can take shape.​

Our Hyderabad location is central to Schwab’s growth, bringing together talented people and technology to drive innovation, scale and efficiency. Here, you will work alongside teams who create solutions that support millions of clients every day. The work you do is more than daily operations – it’s a chance to experiment, learn, and build within a values-driven, supportive environment. This is a unique opportunity to be part of our early growth phase and shape something new, backed by the stability and strength of a Fortune 500 company. Your impact begins on day one, and your contributions will help define our future in the region​

​​​

The Schwab Cybersecurity Services (SCS) organization is a centralized 1st Line of Defense Center of Excellence (COE) that provides security services to advance Schwab’s security posture and enhance the protection of Schwab’s critical assets. Enterprise Vulnerability Management (EVM) performs scanning, risk prioritization, and enforcement across patching and secure configuration, as well as holistic risk aggregation for other control opportunities. With the heightened urgency of vulnerability management, EVM is expanding our vulnerability management team. You would perform vulnerability risk analysis and SLA adjustments, enhancing existing automation- using an attack path-based approach to enable consistent, risk-based decision making

Key Responsibilities:

• Lead attack path evaluation and escalation program, especially focused on missing or misconfigured mitigating controls.
• Lead evaluation of vulnerability SLA Deviation Requests for risk dispositioning and acceptance.
• Facilitate monitoring for overdue vulnerabilities without established SLA Deviations or remediation plans

What you have

Required Qualifications:       

• 5+ years of security experience, especially focused on layered security controls including patching, configuration management, EDR, IAM, and/or network access rules 
• 5+ years of experience with security control monitoring, prioritization, and enforcement  
• 3+ years of experience with compliance management 
• Solid systems knowledge (Linux, Windows, cloud, or networking preferred)  
• A clear, thoughtful communication style and a collaborative approach to problem solving  
• Bachelor’s degree in computer science, engineering, or a related field

Preferred Qualifications:

• 3+ years of experience with process analysis, documentation, and improvement 
• 1+ years with hands-on experimentation and value realization with LLM or agentic AI