Skip to main content

Search Jobs

Lead Threat Intelligence Analyst

Phoenix, Arizona

Requisition ID 2023-94669 Category Technology Position type Regular Salary USD $116,100 - $258,100 / Year

Your Opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

Charles Schwab’s Cybersecurity Operations organization Threat Intelligence team members are tasked with exciting opportunities. Developing relationships both internally and externally, identifying trends, educating employees, studying attacker TTPs and providing proactive defense measures and models to other teams. As the Lead Cyber Threat Intelligence Analyst, you will play a critical role in analysis of disparate information and synthesizing into relevant actionable intelligence.

  • Focus on identifying and analyzing threats to Schwab and its core assets.
  • Deliver accurate, timely and professional intelligence products.
  • Support investigative efforts within the CSOC and the Security Organization.
  • Collaborate with peer departments across the firm.
  • Build positive and productive relationships with the business and technology.

What you have

Required qualifications

  • BS in Computer Science (or related field) or equivalent work experience.
  • Minimum of 7 years of experience in one or more of the following areas is required: Information Security, Enterprise Security Monitoring & response, Security Orchestration and Automation, Information Technology, penetration testing, threat intelligence, security architecture/design strategy, system analysis and implementation, or related function.
  • Minimum of 5 years of experience
    • Working with how advanced adversaries operate, their TTPs and malware families
    • In monitoring OSINT (Open-Source Intelligence), SOCMINT (Social Media Intelligence), and internal intelligence resources for known and emerging security threats to employee safety, company security, business operations, or reputation risks and provide correlation and trending analysis.
    • Developing and managing relationships with high-level law enforcement officials and international counterparts, including international security agencies, intelligence, and other relevant governmental functions and private sector counterparts worldwide


  • Experience conducting threat hunting to identify, classify, prioritize, and report on cyber threats following industry best practices.
  • Collecting, processing, cataloging, and documenting threat information and regularly provide expert analysis through curated intelligence briefings.
  • Experience in the consumption, processing, and analysis of tactical Cyber Threat Intelligence within an operational environment, supporting monitoring detection and response capabilities.
  • Experience with any Public Clouds (AWS/GCP/Azure)
  • Works in cooperation with vital stakeholders, participates and executes in developing an effective strategy to assess and mitigate foreign and domestic risk, manage crises and incidents, and safeguard the organization.
  • Directs and assists team resources in identifying, developing, implementing, and maintaining security processes, practices, and policies throughout the organization to reduce risks, respond to incidents, and limit exposure and liability in all areas of information, financial, physical, personal, and reputational risk.
  • Ensures the organization’s compliance with the local, national, and international regulatory environments where applicable to the accountability of this role (i.e., privacy, data protection, and environmental health and safety).
  • Contribute to advancing the organization's global security intelligence program, focusing on actionable data to proactively protect the company, employees, and assets.
  • Experience with reporting/visualization of metrics, establishing and maintaining standards, processes, and procedures.
  • Demonstrated effectiveness influencing the cross-organizational teams.
  • Understanding of NIST, MITRE ATT&CK framework.
  • Experience with varied technologies including SOAR, SIEM, Cloud based security platforms, data analysis tools.

What’s in it for you

At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive benefits package that takes care of the whole you – both today and in the future:

  • 401(k) with company match and Employee stock purchase plan
  • Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
  • Paid parental leave and family building benefits
  • Tuition reimbursement
  • Health, dental, and vision insurance

Eligible Schwabbies receive

  • Medical, dental and vision benefits

  • 401(k) and employee stock purchase plans

  • Tuition reimbursement to keep developing your career

  • Paid parental leave and adoption/family building benefits

  • Sabbatical leave available after five years of employment