Skip to main content
Saved Jobs 0
Search Jobs

Search Jobs

Cybersecurity Findings Analyst

Location Phoenix, Arizona, United States Requisition ID 2025-107969 Category Engineering & Software Development Position Type Regular CO Salary Range Yearly
Apply Now

Your Opportunity

Your opportunity


At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We are seeking a motivated Analyst to assist the Schwab Red Team by managing the firm's red team findings and vulnerability mitigation efforts.

As a Cybersecurity Findings Analyst, you will be responsible for working with penetration testers to document vulnerabilities, recommendations and observations found during test efforts, work with finding owners to manage and document the progression of any mitigating controls or actions, and assist with validating the effectiveness of any mitigating controls and actions.  

This position offers an opportunity to actively manage and mitigate risk to the firm by ensuring the prioritization and timely mitigation of vulnerabilities and security risks.  The role would be ideally suited to an individual with experience managing tasks and small projects with an interest in offensive security and includes opportunities to participate in red team exercises and penetration tests.  

What you'll do:

Reviewing penetration test results:
Thoroughly examining the data gathered by penetration testers, including identified vulnerabilities, exploitability levels, and potential attack vectors.  Assist with assigning severity and criticality for each vulnerability or finding, identifying recommendations and appropriate observations,

Reporting & Deliverables:
Work with penetration testers on documenting findings identified during test efforts.  Ensure findings are sufficiently detailed, clearly communicate risk, can be reproduced by stakeholders, and have appropriate evidence of exploits and recommended next steps.  Work with penetration testers on documenting and managing finding creation in JIRA.

Communication and collaboration:
Assist with presenting findings to stakeholders, including technical and non-technical audiences and explaining the risks in understandable terms.  Work with stakeholders to identify finding owners, obtain regular updates on necessary fixes and progress, and document finding mitigation efforts.  Work with peer teams to refer, manage and escalate findings as appropriate.

Finding Management:
Document all finding management efforts in JIRA.  Work to maintain finding quality and reporting.  Actively monitor & document finding progress with stakeholders.

Testing & Validation:
Work either independently or with penetration testers to reproduce penetration test findings, validate the effectiveness of mitigating controls, and document evidence of closed findings.  Participate in penetration tests, control tests and red team exercises.

What you have


To ensure that we have fulfilled our promise of "challenging the status quo," this role has specific qualifications that successful candidates should have.

Key Competencies:

  • Strong communication skills.
  • Strong analytical and critical thinking skills.
  • Detail-oriented, self-driven, and capable of working independently in a fast-paced environment.

Required Qualifications:

Technical expertise:
Broad familiarity with network protocols, operating systems, web application security, databases, and common vulnerabilities (OWASP/CVE).  Familiarity with Cybersecurity industry standards and best practices for secure system design and configuration.

Analytical skills:
Ability to analyze complex data, identify patterns, and draw logical conclusions about potential threats.  Familiarity with common approaches to risk rating such as CVE, CVSS and DREAD.

Report writing Skills:
Clear and concise communication of technical information in a way that is easily understood by non-technical audiences.

Project Management Skills:
Experience managing small projects, tasks, bugs or issues.

Problem-solving skills:
Identifying practical solutions to mitigate vulnerabilities and implement effective security controls.

Preferred

  • Experience in a bug, findings or vulnerability management role.
  • Relevant certifications such as CISSP, GPEN or OSCP.
  • Experience managing projects, tasks & Issues in JIRA.
  • Bachelor’s degree in cybersecurity, information technology, or a related field preferred.
  • Experience with scripting and automation (e.g. Python, PowerShell, JIRA Simple Issue Language) a plus.

In addition to the salary range, this role is also eligible for bonus or incentive opportunities


What’s in it for you

At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive benefits package that takes care of the whole you – both today and in the future:

  • 401(k) with company match and Employee stock purchase plan
  • Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
  • Paid parental leave and family building benefits
  • Tuition reimbursement
  • Health, dental, and vision insurance

What you are good at

What you have

To ensure that we have fulfilled our promise of "challenging the status quo," this role has specific qualifications that successful candidates should have.

 

 

Key Competencies:

  • Strong communication skills.
  • Strong analytical and critical thinking skills.
  • Detail-oriented, self-driven, and capable of working independently in a fast-paced environment.

 

Required Qualifications:

Technical expertise:
Broad familiarity with network protocols, operating systems, web application security, databases, and common vulnerabilities (OWASP/CVE).  Familiarity with Cybersecurity industry standards and best practices for secure system design and configuration.

Analytical skills:
Ability to analyze complex data, identify patterns, and draw logical conclusions about potential threats.  Familiarity with common approaches to risk rating such as CVE, CVSS and DREAD.

Report writing Skills:
Clear and concise communication of technical information in a way that is easily understood by non-technical audiences.

Project Management Skills:
Experience managing small projects, tasks, bugs or issues.

Problem-solving skills:
Identifying practical solutions to mitigate vulnerabilities and implement effective security controls.

Preferred

  • Experience in a bug, findings or vulnerability management role.
  • Relevant certifications such as CISSP, GPEN or OSCP.
  • Experience managing projects, tasks & Issues in JIRA.
  • Bachelor’s degree in cybersecurity, information technology, or a related field preferred.
  • Experience with scripting and automation (e.g. Python, PowerShell, JIRA Simple Issue Language) a plus.

 

In addition to the salary range, this role is also eligible for bonus or incentive opportunities

 

Why Schwab?

At Schwab, “Own Your Tomorrow” embodies everything we do! We are committed to helping our employees unleash their potential and achieve their dreams. Our employees get to play a central role in disrupting a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth. We’re a modern financial services firm that stands apart from the industry, where you can go as far as your ambition takes you.

Hear from employees: What’s it like to work at Schwab!

The benefits of working at Schwab : a package designed to empower your health, wealth, career and life. Schwab is committed to building a diverse and inclusive workplace where everyone feels valued.

As an equal employment opportunity employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. (Please click here to see policy.)

Schwab is also an affirmative action employer, focused on advancing women, minorities, veterans, and individuals with disabilities in the workplace. We believe diversity and inclusion are part of our success as a company and our purpose of serving every client with passion and integrity.

Apply Now