Security Architect Lead

Your opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

The Security Design team handles the Firm’s security strategy and domain security architecture vision and development. We drive and synchronize security strategies aligned with technology and business priorities along with validating future directions.

In this role, the Security Architect will have responsibility for identifying, defining, developing, leading security technology strategy across a broad portfolio of security and related technology systems, and the assessment of new and emerging security technologies at the very large enterprise scale.

As a senior member of Schwab Cybersecurity Services (SCS), you will engage and partner with senior leaders across the organization leveraging your extensive background in (managing / delivering / implementing / architecting) various security technologies, combined with expertise in organizational and cross-functional communication, influence roadmaps, solution adoption, champion strategic opportunities / execution plans with the aim to improve security capabilities, reduce risk, and position forward looking platform security enhancements.

Responsibilities include, but are not limited to:

• Responsible for defining an architectural vision and architecture for large complex solutions, which aligns with the enterprise architecture strategy, technology, and platform choices
• Describes the solution intent and the associated operating environment, determining the primary systems/subsystems and their interfaces, defining non-functional requirements and architectural runway to support new epics/features and expand into new opportunities
• Ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions
• Contributes to best practices, guidelines, standard templates, and the architecture roadmap for defined domains.
• Creates security reference architecture patterns for reusability.
• Contributes to the creation of the architecture roadmap of defined domains (Business, Application, Data and Technology) in support of the product roadmap
• Works across business and technology to create the solution intent and architectural vision for large complex solutions and evolves it based on an emerging backlog
• The security architect must interpret business, technology and threat drivers, and develop practical security roadmaps
• Clarifies the architecture for the development teams to support implementation, and provides solution options to resolve any architectural impediments
• Performs design reviews to ensure all non-functional requirements for a solution are sufficiently met (e.g. security, performance, maintainability, scalability, usability, and reliability)
• Develops security patterns, standards, and architectural decision records to ensure Schwab data at rest, in motion or in use is properly secured
• Liaises with other security architects and security practitioners to share best practices and insights
• Designs and develops security architectures for cloud/hybrid-based systems

What you have

Required Qualifications:

• 4-year college/university degree required
• Minimum 10+ years of experience in Cyber Securitypreferably in the financial services industry
• Subject matter expertise in one or more of the following domains:
• Data Protection
• Database Activity Monitoring
• Data Loss Prevention
• Cryptography
• IAM
• IAM Concepts such as authentication, authorization, identity governance, secrets management & privileged access management.
• Integration patterns for on-prem systems as well as SaaS and Cloud Platforms.
• Hybrid multi cloud security (VMware, GCP, AWS, Azure, etc.)
• Container Security (Docker, Kubernetes, OpenShift, etc.)
• Application Security
• SSDLC
• Distributed Application Architecture
• Application Development
• Vulnerability Remediation
• API Management
• Enterprise Vulnerability Management
• Endpoint Security
• Zero Trust
• Experience implementing/configuring cloud services and tools aligned to our security priorities
• Demonstrates flexibility within a variety of changing situations, while working with individuals and groups.
• Excellent written and verbal communication skills.
• Strong ability to effectively communicate with and present to C level as well as the senior leadership team.
• Experience with assessment, development, implementation, integration, optimization, and documentation of a comprehensive and broad set of security technologies and processes in on premise, public, and private cloud environments.

• Experience with DevSecOps process, AI security, and data warehousing.
• Strong knowledge of enterprise security concepts/frameworks and products, secure design principles, and best practices
• Experience implementing industry/compliance frameworks (NIST 800-53, CIS benchmarks, ISO 27000 series, COBIT, etc.)
• Must be able to quickly and succinctly design and create technical solution/process documentation
• Must be a self-starter, strong leader who is able to influence senior engineers and architects; work with limited supervision & be able to work well with others in a globally diverse IT environment
• CISSP, CCSP, and TOGAF certification preferred. Other related  certifications a plus

In addition to the salary range, this role is also eligible for bonus or incentive opportunities.