Security Software Development Engineer

Your opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

The Schwab Cybersecurity Services (SCS) organization is a centralized Center of Excellence (COE) within Schwab Technology Services (STS) that provides security services to advance Schwab’s security posture of critical assets.

Application and Data Engineering organization within SCS owns the strategy, design, development, implementation and support through automation and orchestration for achieving high security and performance, increasing efficiency, and eliminating manual repetitive tasks in cyber operations and business process within SCS. We are looking for the right candidate to join our team as a Security Software Development Engineer with responsibilities that include:

• Designing, building orchestration and automation solutions using Google SecOps platform.
• Designing and developing end-to-end secure log ingestion pipelines, ensuring data is accurately parsed, normalized, and enriched for analysis within the SIEM.
• Collaborating with Security Operations Center (SOC) analysts to develop, assess, and tune high-fidelity detection rules, analytics, and correlation searches.
• Developing, implementing, and maintaining automation playbooks and workflows to streamline security operations and accelerate incident response and triage.
• Integrating AI and machine learning capabilities into security workflows. Leveraging Google's AI services (e.g., Gemini for Security Operations) to enable intelligent, context-aware next generation automation solutions.
• Creating comprehensive technical documentation. Generate reports to demonstrate the effectiveness of automated security controls.
• Positively influencing the behavior of peers and building relationships with other teams independently.
• Working on problems of diverse scope where analysis of data requires evaluating specific factors.

What you have

Required:

• 5 to 8 years of direct experience in cybersecurity engineering, with experience in SIEM/SOAR development.
• Deep proficiency in Cloud service implementation preferably Google Cloud Platform (GCP) services
• Strong programming skills in Python for scripting, automation, and API integrations.
• Expertise in threat detection, incident response, threat intelligence, and common attack frameworks like MITRE ATT&CK.
• Ability to analyze security event data, troubleshoot complex issues related to log sources, and fine-tune detection logic.
• Ability to thrive in dynamic and fast-paced team environments, adjusting quickly to shifting priorities.
• Exposure and strong interest in cloud AI/ML frameworks
• Excellent communication, collaboration, and critical thinking skills.
• A bachelor’s degree in computer science, Information Security, or a related field

Preferred:

• Relevant certifications such as Google Professional Cloud Security Engineer or Certified Information Systems Security Professional (CISSP) are preferred.
• Demonstrated experience applying AI and machine learning concepts to security, including Google's AI-powered security features

In addition to the salary range, this role is also eligible for bonus or incentive opportunities.