Security Analyst, Secure Configuration Management
Your Opportunity
Your opportunity
At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
The Schwab Cybersecurity Services (SCS) organization is a centralized 1st Line of Defense Center of Excellence (COE) that provides security services to advance Schwab’s security posture and enhance the protection of Schwab’s critical assets. Enterprise Vulnerability Management (EVM) is responsible for Secure Configuration Management – and we are looking for an Analyst to support the development, maintenance and monitoring of secure baselines across the firm’s infrastructure.
The Opportunity
In this individual contributor role, you’ll play a critical role in the day-to-day execution of our secure configuration program. You’ll assist in translating hardening standards into actionable baselines, help validate implementation and contribute to drift monitoring efforts. This is an ideal opportunity for someone with a strong IT foundation who’s eager to deepen their security skillset in a hands-on enterprise scale environment.
What you’ll do:
- Support the creation and maintenance of secure configuration baselines aligned to CIS, NIST, or vendor hardening guidance
- Assist in tracking baseline coverage, implementation status, and remediation efforts across platforms
- Review configuration data and monitoring output to identify drift or gaps in enforcement
- Collaborate with engineers to test and validate automation logic (e.g., Ansible playbooks)
- Help document deviations, exceptions and team runbooks
- Maintain Jira workflows and contribute to process improvement efforts across the baseline lifecycle
- Advocate for scalable security: reduce noise, improve coverage, and automate sanity checks
What you have
Required Qualifications:
- 2-4 years of experience in IT, cybersecurity, or systems administration with exposure to enterprise environments
- Understanding of secure configuration principles for systems such as Windows, Linux, cloud platforms or networking devices
- Familiarity with scripting languages or configuration tools
- Ability to interpret security benchmarks and translate technical guidance into actionable requirements
- Attention to detail and a strong sense of accountability
- Familiarity with CIS Benchmarks, NIST, DISA STIGS, or vendor-specific hardening guidelines
- Experience reviewing scan data from tools like Qualys, CrowdStrike, or similar platforms
- Hands on experience administering one or more technology platforms is a plus
- Bachelor's Degree in Computer Science, Engineering, or a related field
In addition to the salary range, this role is also eligible for bonus or incentive opportunities.
What’s in it for you
At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
- 401(k) with company match and Employee stock purchase plan
- Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
- Paid parental leave and family building benefits
- Tuition reimbursement
- Health, dental, and vision insurance
What you are good at
What you have
Required Qualifications:
- 2-4 years of experience in IT, cybersecurity, or systems administration with exposure to enterprise environments
- Understanding of secure configuration principles for systems such as Windows, Linux, cloud platforms or networking devices
- Familiarity with scripting languages or configuration tools
- Ability to interpret security benchmarks and translate technical guidance into actionable requirements
- Attention to detail and a strong sense of accountability
- Familiarity with CIS Benchmarks, NIST, DISA STIGS, or vendor-specific hardening guidelines
- Experience reviewing scan data from tools like Qualys, CrowdStrike, or similar platforms
- Hands on experience administering one or more technology platforms is a plus
- Bachelor's Degree in Computer Science, Engineering, or a related field
In addition to the salary range, this role is also eligible for bonus or incentive opportunities.
Why Schwab?
At Schwab, “Own Your Tomorrow” embodies everything we do! We are committed to helping our employees unleash their potential and achieve their dreams. Our employees get to play a central role in disrupting a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth. We’re a modern financial services firm that stands apart from the industry, where you can go as far as your ambition takes you.
Hear from employees: What’s it like to work at Schwab!
The benefits of working at Schwab : a package designed to empower your health, wealth, career and life. Schwab is committed to building a diverse and inclusive workplace where everyone feels valued.
As an equal employment opportunity employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. (Please click here to see policy.)
Schwab is also an affirmative action employer, focused on advancing women, minorities, veterans, and individuals with disabilities in the workplace. We believe diversity and inclusion are part of our success as a company and our purpose of serving every client with passion and integrity.