Manager, Third Party Cybersecurity Technology Risk Manager

Job Description

Your Opportunity

We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.

As a company, we were established by Chuck over 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.

We are Vendor Technology Risk Management (VTRM), the team within Schwab’s Third Party Risk Management (TPRM) department responsible for providing Schwab with a competitive advantage through industry-leading oversight practices that are designed to identify and address the risks arising from third party engagements, which may include third party access to Schwab’s network or information assets or Schwab’s access to those of its vendors. Our primary goal is to protect Client and Schwab sensitive information while enabling Schwab’s business commitments to product, service and client growth. We are seeking a Manager to assist the team with day-to-day operations to ensure Schwab’s requirements around information security are met by its vendor partnerships, as well as being responsible for program management and enhancement of the VTRM program.

What you are good at

• Serving as the responsible subject matter expert on vendor cyber security risk which includes:
  • Leading risk identification, quantification, and management efforts
  • Providing risk evaluation and assessment of likelihood and impact of security findings, vulnerabilities and exceptions
• Drive all aspects of Information Security vendor assessments which include scheduling and conducting vendor Information Security assessments (questionnaires, third party security audit reports, onsite assessments, etc.) and escalating issues associated with vendors as needed.
• Identify and document deficiencies and vulnerabilities with a vendor’s Information Security program. Validate evidence from vendor, before findings are closed.
• Assess remediation plans and non-compliance acceptances across multiple business lines where Information Security standards compliance cannot be achieved.
• Oversight of 1LoD Information Security assessments, contracting & third-party incident management ensuring Schwab’s standards are met, effective challenge of 1LoD recommendations not in alignment with expectations.
• Coordinate Information Security incident management events, incident data collection, remediation activities and management reporting of vendor security incidents.
• Partner with Schwab Legal for inclusion/negotiation of appropriate Information Security contract language within vendor agreements (new, renewal and amendments).
• Identify opportunities for improving the vendor Information Security risk posture as well as Schwab’s vendor risk management processes, including expanded monitoring, KPI tracking, etc.
• Participate in planning and strategy discussions around program development and management priorities including generating ideas, identifying trends and developing recommendations to shape strategy and objectives.
• Develop and cultivate partnerships with functional and vendor-facing business units across the Charles Schwab enterprise.
• Other duties and special projects as assigned.

What you have

• A Bachelor’s degree
• 3+ years of progressively relevant technical experience
• 1+ years of IT security experience, in security risk and compliance assessments for applications, infrastructure, and vendor / third parties, review of technical security requirements, review, approve and track security exceptions and remediation.
• Exhibit strong relationship management and interpersonal skills, along with excellent written and oral communication skills that include being able to synthesize data, develop recommendations, and influence and persuade partners.
• Strong analytical and problem-solving skills with the ability to identify opportunities and execute to meet strategic objectives, along with a proven history of proactively identifying problems, determining pragmatic solutions, identifying and obtaining needed resources, and executing with little or no supervision

The following qualifications are strongly preferred:

• Financial Services experience
• Advanced Information Security certification (examples could include: ACISSP, CISSP, CTPRP or equivalent is preferred, but CISM, CISA, or similar certifications are also useful

Why work for us?

Own Your Tomorrow embodies everything we do! We are committed to helping our employees ignite their potential and achieve their dreams. Our employees get to play a central role in reinventing a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth.

Benefits: A competitive and flexible package designed to empower you for today and tomorrow. We offer a competitive and flexible package designed to help you make the most of your life at work and at home—today and in the future. Explore further.

Schwab is committed to building a diverse and inclusive workplace where everyone feels valued. As an Equal Opportunity Employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. Please click here to see the policy.

Schwab is an affirmative action employer, focused on advancing women, racial and ethnic minorities, veterans, and individuals with disabilities in the workplace. If you have a disability and require reasonable accommodations in the application process, contact Human Resources at [email protected] or call 800-275-1281.

TD Ameritrade, a subsidiary of Charles Schwab, is an Equal Opportunity Employer. At TD Ameritrade we believe People Matter. We value diversity and believe that it goes beyond all protected classes, thoughts, ideas, and perspectives.