PKI Security Engineer
Your Opportunity
Your opportunity
At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).
At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together. Schwab’s Cybersecurity organization is the first line of defense for the Firm. The Senior Security Engineer of the Public Key Infrastructure (PKI) team will play a key role on a team of cyber security data protection subject matter experts and engineers to create, implement, and maintain PKI controls using on-prem, SaaS, and IaaS cloud-based solutions to reduce risk and enforce Schwab’s security policies and standards for data protection. You are a driven senior engineer with a deep passion to be an accelerator and change agent with the ability to build a security community and progressive Dev/SEC/Op’s culture.
You will be responsible for innovating, developing, and implementing groundbreaking PKI capabilities to secure data in on-prem, SaaS, and IaaS workloads. You have in-depth experience in managing and deploy Public Key Infrastructure environments, Certificate Authorities (CA), and in maintaining the lifecycle of X.509 certificates across large corporate enterprise environments. This role requires expertise in the cybersecurity industry.
Responsibilities Include, but not Limited to:
- Perform senior engineering responsibilities as part of a team and work with partners to architect and deploy PKI infrastructure, including Certificate Authorities (CAs), Registration Authorities (RAs), and Hardware Security Modules (HSMs).
- Implement and maintain the issuance and management of digital certificates for users, servers, and devices across the organization.
- Define certificate lifecycle management policies (issuance, renewal, revocation).
- Integrate PKI with other security systems like authentication and access control mechanisms.
- Conduct regular security assessments and audits of PKI systems to identify vulnerabilities and potential risks.
- Work with other IT teams to integrate PKI solutions into existing systems and applications.
- Maintain close ties to various stakeholders, developers, and engineers across the company, ensuring the services we create meet their needs as products evolve.
- Communicate extensively with Data Protection Product and engineering teams across the organization.
- Drive complex technical initiatives to full delivery leveraging knowledge of Cyber security practices, software engineering principles, agile frameworks, and customer engagement.
- Design, build, and maintain infrastructure to meet the organization’s requirements and ensure high availability.
- Applying adept understanding and experience with systems automation platforms and technologies.
What you have
Required:
- 5+ years of hands-on experience in network security, data security, and/or other cybersecurity-related controls and technologies.
- Automation via Certificate Lifecycle Management tools using scripting and coding (Venafi, PowerShell, and Python knowledge required; GitHub and .Net knowledge highly desired)
- Bachelor’s Degree in computer science or related field highly preferred.
- Ability to foster collaborative, open, working relationships with technology groups and other stakeholders, including vendor relationships.
- Clear communication skills and ability to interact effectively at multiple levels of an organization, and to influence leadership (Including translating technical information based on specific audiences).
- Experience implementing multiple high-visibility and high-impact enterprise cybersecurity projects with cross-functional teams while maintaining superior results including planning, development and management of technical requirements, design, testing and deployment of security solutions.
- Strong understanding of Public Key Infrastructure (PKI) principles.
- Expertise in PKI technologies like Microsoft Active Directory Certificate Services (AD CS), Entrust, Venafi, or other commercial PKI solutions.
- Experience with managing Hardware Security Modules (HSMs).
Preferred:
- Multiple certifications in cybersecurity and data protection cybersecurity highly preferred (CISSP, GIAC, CISM, CCSP, CISA, or Security+, or other related certifications).
“In addition to the salary range, this role is also eligible for bonus or incentive opportunities.”
What’s in it for you
At Schwab, you’re empowered to shape your future. We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration—so you can build the skills to make a lasting impact. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
- 401(k) with company match and Employee stock purchase plan
- Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
- Paid parental leave and family building benefits
- Tuition reimbursement
- Health, dental, and vision insurance
What you are good at
What you have
Required:
- 5+ years of hands-on experience in network security, data security, and/or other cybersecurity-related controls and technologies.
- Automation via Certificate Lifecycle Management tools using scripting and coding (Venafi, PowerShell, and Python knowledge required; GitHub and .Net knowledge highly desired)
- Bachelor’s Degree in computer science or related field highly preferred.
- Ability to foster collaborative, open, working relationships with technology groups and other stakeholders, including vendor relationships.
- Clear communication skills and ability to interact effectively at multiple levels of an organization, and to influence leadership (Including translating technical information based on specific audiences).
- Experience implementing multiple high-visibility and high-impact enterprise cybersecurity projects with cross-functional teams while maintaining superior results including planning, development and management of technical requirements, design, testing and deployment of security solutions.
- Strong understanding of Public Key Infrastructure (PKI) principles.
- Expertise in PKI technologies like Microsoft Active Directory Certificate Services (AD CS), Entrust, Venafi, or other commercial PKI solutions.
- Experience with managing Hardware Security Modules (HSMs).
Preferred:
- Multiple certifications in cybersecurity and data protection cybersecurity highly preferred (CISSP, GIAC, CISM, CCSP, CISA, or Security+, or other related certifications).
“In addition to the salary range, this role is also eligible for bonus or incentive opportunities.”
Why Schwab?
At Schwab, “Own Your Tomorrow” embodies everything we do! We are committed to helping our employees unleash their potential and achieve their dreams. Our employees get to play a central role in disrupting a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth. We’re a modern financial services firm that stands apart from the industry, where you can go as far as your ambition takes you.
Hear from employees: What’s it like to work at Schwab!
The benefits of working at Schwab : a package designed to empower your health, wealth, career and life. Schwab is committed to building a diverse and inclusive workplace where everyone feels valued.
As an equal employment opportunity employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law. (Please click here to see policy.)
Schwab is also an affirmative action employer, focused on advancing women, minorities, veterans, and individuals with disabilities in the workplace. We believe diversity and inclusion are part of our success as a company and our purpose of serving every client with passion and integrity.