Director, Information Security Awareness

Charles Schwab   •  

Phoenix, AZ

Industry: Financial Services

  •  

15+ years

Posted 427 days ago

This job is no longer available.

Our Opportunity:

Information SecurityRisk Management (ISRM) is a part of Corporate Risk Management (CRM) that provides an integrated risk management strategy that supports delivery of predictable financial and operational performance in order to produce successful client and shareholder outcomes.  The ISRM team is responsible for the development and maintenance of Schwab's information security program, including the Company's Information Security Policy, which is periodically reviewed and approved by the Board, the creation and execution of the information security strategy, and the implementation of the information security framework. The Information SecurityRisk (IS) program is managed within the Firm in a centralized manner. 

In this role, you will be the leader responsible for designing, implementing, and maintaining one of the most sophisticated information security awareness programs in the industry. You will partner with Schwab’s internal threat intelligence and cybersecurity teams to identify and prioritize the securitythreats your program will address. You will then leverage your creative skills to determine achievable human-behavior targets that have game-changing impact on Charles Schwab’s security posture. You’ll develop metrics to measure behavioral change, and implement a program that makes a lasting impact on behavioral drivers of information security.

What you’ll do:

Core responsibilities will include:

  • Overall program management for the Corporate-wide Information Security Awareness Program
  • Set and achieve annual strategic goals
  • Represent the Program for internal and external Charles Schwab stakeholders
  • Meet or exceed regulatory compliance requirements for security awareness
  • Produce high-quality reporting and program documentation
  • Own and maintain the catalogue of information securitythreats in-scope for the Program
  • Partner with the Charles Schwab cybersecurity organization to determine in-scope threats
  • Decompose in-scope threats into measurable behavioral elements
  • Determine desirable human performance outcomes / metrics for each element
  • Design, propose, and execute tactical awareness campaigns based on the threat catalogue
  • Maintain execution plans for all campaigns and ensure on-time delivery
  • Develop and maintain program budget ensuring on-budget delivery of campaigns
  • Manage scope, schedule and cost for campaigns and Program
  • Ensure closed-loop program by tailoring and executing follow-up actions based on campaigns
  • Establish, manage, and leverage awareness channels such as digital communications, print media, and live events to maximize security awareness outcomes
  • Effectively manage vendors as needed to measure and create security awareness outcomes
  • Develop executive level communications and presentation materials relative to the Program

What you have:

  • Possesses functional and industry experience; expected to be subject area expert in specific skill set (security awareness), business area or products
  • Practical knowledge of organizational change management fundamentals, applying skills and competencies in challenging and complex situations (information security awareness)
  • Professionally qualified or equivalent typically with 12+ years of experience, or equivalent combination of education and experience
  • Four-YearDegree in Computer Science, Computer Engineering, Management of Information Systems, Information Security, Organizational Change Management, or similar
  • Work Experience: Minimum of 10 years between information security and information technology

Required Key Skills

  • Practical understanding of cybersecurity and risk management fundamentals
  • Analytical and critical thinking skills
  • Ability to define strategy and convert into tactical execution plan
  • Practical understanding of metrics and statistics
  • Ability to define and develop content for corporate-wide Information Security policies and standards
  • Organizational skills including coordination amongst various groups in a matrixed environment
  • Project and program management
  • Written and verbal communication skills
  • Computer skills, with in-depth knowledge of Office (Word, Outlook, PowerPoint and Excel)
  • Interpersonal skills with ability to regularly interact effectively throughout all levels including regular interaction with Schwab executives
  • Negotiation and influencing skills with various levels of the organization including senior leaders
  • Outstanding self-motivation / initiative
  • Able to work and thrive in a fast-paced and dynamic environment
  • Able to recognize potential issues as they arise and escalate when necessary
  • Able to work independently, managing multiple tasks simultaneously to a high degree of accuracy

Desired (Preferred) Qualifications:

  • Prior experience managing: people, projects, and/or programs
  • Prior experience working at Charles Schwab, a financial services or banking firm
  • One or more industry-standard information security certifications (e.g. CISSP, CISM, etc.)

What you’ll get:

  • Comprehensive Compensation and Benefits package
  • Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
  • Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
  • Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
  • Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
  • Not just a job, but a career, with an opportunity to do the best work of your life

Learn more about Life@Schwab.

Charles Schwab & Co., Inc. is an equal opportunity and affirmative action employer committed to diversifying its workforce. It is Schwab's policy to provide equal employment opportunities to all employees and applicants without regard to race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity or expression, national origin, ancestry, age, disability, legally protected medical condition, genetic information, marital status, sexual orientation, protected veteran status, military status, citizenship status or any other status that is protected by law.

20170915-4790