Senior Manager, Vulnerability Management Enablement (Individual Contributor)

Your opportunity

At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

The Schwab Cybersecurity Services (SCS) organization is a centralized 1st Line of Defense Center of Excellence (COE) that provides security services to advance Schwab’s security posture and enhance the protection of Schwab’s critical assets. Enterprise Vulnerability Management (EVM) performs scanning, risk prioritization, and enforcement across patching and secure configuration, as well as holistic risk aggregation for other control opportunities.

The Opportunity:

The Enterprise Vulnerability Management (EVM) team is expanding our aggregation of platform risks, as well as using agentic AI and other automation to enable wider visibility and increased velocity of execution. We need a skilled and experienced Senior Manager to envision, design, and execute implementation and value realization for these capabilities.

You’ll be instrumental in converting our vision for industry-leading holistic risk aggregation into life. This will involve cross-functional partnerships across the security organization to identify new risks, technical acumen to enable scalable risk identification and aggregation, and risk mindset to prioritize the ongoing backlog of opportunities. If you’re passionate about evolving vulnerability management to holistic evaluation of layered security implementation, we’d love to chat.

What you’ll do:

• Design and implement scalable vulnerability and layered security monitoring using agentic AI (e.g. Copilot Studio, Vertex AI), RPA (e.g. PowerPlatform), or other platforms
• Evangelize the value realization and expansion of automated processes for wider and faster vulnerability management processes
• Continuously re-evaluate the monitoring approach for layered security implementation, including automated detection, aggregation, metrics, and escalation
• Partner with security subject matter experts (SMEs) across all security domains to identify risks, monitoring options, and actionable remediation guidance for holistic vulnerability and layered security risk management
• Advocate for scalable security: reduce noise, improve coverage, and automate sanity checks

What you have

Required Qualifications:

• 5+ years of security experience, especially focused on layered security controls including patching, configuration management, EDR, IAM, and/or network access rules
• 5+ years of experience with security control monitoring, prioritization, and enforcement
• 5+ years of experience with process analysis, documentation, and improvement
• 3+ years of experience with Robotics Process Automation (RPA) or other automation tools
• 3+ years of experience with process governance and compliance management
• 1+ years with hands-on experimentation and value realization with LLM or agentic AI
• Solid systems knowledge (Linux, Windows, cloud, or networking preferred)
• A clear, thoughtful communication style and a collaborative approach to problem solving
• Bachelor’s degree in computer science, engineering, or a related field

Preferred Qualifications:

• 3+ years of experience with vulnerability identification, prioritization, and/or enforcement
• Security certifications, such as CISSP, CISM, GIAC, or Cloud Security certifications are preferred
• Hands on experience administering one or more technology platforms is a plus

In addition to the salary range, this role is also eligible for bonus or incentive opportunities