Technology Risk Manager (IC), Risk and Control Self-Assessment (RCSA)

Your opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

The Manager, Technology Risk Management (Level 57) is responsible for supporting the maturation and sustainment of the STS Risk Management program with particular focus on executing the team’s standardized processes, quality management and governance routines to enable effective Risk and Control Self-Assessment (RCSA) execution. Key responsibilities include partnering with stakeholders to complete maintenance of Business Self-Identified Issues, RCSA Controls and participating in team process improvement activities. The ability to effectively partner with key STS stakeholders, oversight areas and peers as well as experience with technology risk management, risk and controls, RCSA program participation or governance required. This is an individual contributor role.

As an individual contributor, this role provides thought leadership, guidance, and hands-on execution across the STS community. The position requires close partnership with technology teams, business leaders, and oversight functions to ensure technology risks are identified, assessed, mitigated, and reported in alignment with enterprise risk management objectives, regulatory expectations, and industry frameworks.

The Senior Manager, Technology Risk Management, will be responsible for the following duties:

• Maintain the MyGRC STS RCSA Issues and Controls for assigned STS sub-organization and facilitate issue resolution, partnering with all lines of defense partners.
• Participate in adopting program best practices and guidance as prioritized by our stakeholders.
• Contribute to developing and maintaining procedures in support of key RCSA and Issue Management processes.
• Proactively identify controls requiring attention or strengthening and work collaboratively with other STS disciplines to implement improvements in line with corporate standards, applicable regulations, and/or best practice frameworks.
• Develop and maintain strong partnerships across the Risk Champion community, STS Management, Information Security Risk Management, Business Management, Internal Audit, Sarbanes-Oxley Compliance, and Enterprise Operational Risk Management.

What you have

Required Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Risk Management, related discipline, or equivalent industry experience.
• 3+ years of experience in technology, cybersecurity, or technology risk management disciplines.
• Strong knowledge of technology risk and control concepts, including industry frameworks such as NIST, ISO, and COBIT.
• Experience with Risk and Control Self-Assessment (RCSA) programs, risk and controls catalogs, and governance practices.
• Ability to translate business needs into technical and risk requirements and implement practical solutions.
• Strong analytical, problem-solving, and communication skills, with the ability to influence across diverse stakeholder groups.
• Proven ability to work independently, manage multiple priorities, and lead initiatives or working groups.
• Proactive, detail-oriented approach to risk identification and mitigation.
• Strong collaboration and negotiation skills across first and second lines of defense.

Preferred Qualifications

• Experience developing risk metrics, quality standards, and executive dashboards.
• Familiarity with AI technologies, automation, or advanced tooling as applied to risk assessment and control monitoring.
• Professional certifications such as CRISC, CISA, CISSP, or CISM.