Sr. Staff - Incident Response Coordinator

Charles Schwab   •  

Phoenix, AZ

5 - 7 years

Posted 304 days ago

This job is no longer available.


We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.

As a company, we were established byChuckover 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.

Our Opportunity:

The Schwab Cybersecurity Services (SCS) team is responsible for implementing the firm’s cybersecurity strategy which includes securityarchitecture, security operations monitoring (SOC), cyber incident response, and implementing and operating the necessary security tools, controls and approaches to meet policies and standards.

As an Incident Commander (Quarterback), you will be the central person who will coordinate the incident handling activities of the cybersecurity incident response team (CIRT). This includes assessing the incident priorities, gathering the appropriate CIRT members, setting and assigning the incident handling tasks, and staying well-informed to provide communication updates to business partners. You will report directly to the Managing Director, Cybersecurity Program Office. 

What you’ll do:

  • Triage and lead escalated security incidents
  • Coordinate incident response (IR) measures across the Cybersecurity Incident Response Team (CIRT) to enable more centralized control of IR activities
  • Coordinate response/containment activities and monitor/track actions to completion
  • Managing IR calls to account for engaging additional/dismissing responders
  • Provide on-callsupport by attending incident technical calls to gather details about a cybersecurity incidents and lead business calls for verbal updates to management, if necessary
  • Escalate incidents based on defined threat and priority thresholds
  • Develop Management and Regulatory incident response status updatetemplates
  • Provide written status updates to leadership throughout the various phases of an incident
  • Be the primary communicator for global emerging threats and/or zero day vulnerabilities
  • Gather information required for regulatory reporting during an incident and provide to the regulatory partners
  • Manage, coordinate and facilitate cybersecurity tabletop exercises
  • Partner with CIRT members to update and maintain incident response documentation and processes in accordance with standards by continuously monitoring and improving process, playbook, and standard based on what we learn from each incident and event. 
  • Maintain and update the Cybersecurity Incident Response Standard and Plan
  • Recommend process changes to enhance defense and response procedures
  • Lead the Lesson Learned process, provide the After Action Report, and track remediation plans to closure
  • Align Cybersecurity IR processes with Business Continuity Incident Management and Disaster Recovery processes
  • Assist with the development of any new IR documentation and execution of the IR program roadmap
  • Participate in forensic investigations, if required

What you have:

  • Bachelor’s Degree in a related discipline
  • 5+ years’ experience of relevant work experience and/or related disciplines
  • Previous experience executing various incident response frameworks and handling procedures
  • Previous experience working in a Security Operations Center (SOC)
  • Certifications: CISSP (preferred), CISM (optional)
  • Demonstrates experience and understanding of cyberrisks and threats related to cyber attack
  • Has managed a team of direct and indirect reports in an operational environment
  • Maintains a superior level of customer satisfaction with internal and external customers
  • An ability to coordinate and organize work while meeting deadlines
  • Decision making, written and oral communication and people management skills
  • Proven team building and successful leadership qualities
  • Strong written and verbal communication skills with ability to translate technical terms into business language
  • Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness
  • Demonstrates effective organizational and technical skills
  • What you’ll get:
  • Everyday Wellness: Healthy Rewards, Onsite Fitness Classes, Healthy Choices, Wellness Champions
  • Financial Fitness: 401k Match, Employee Discounts, Personalized advice, Brokerage discounts
  • Work/Life Balance: Sabbatical, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer
  • Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
  • Not just a job, but a career, with an opportunity to do the best work of your life

You demonstrate these behaviors:

Curious: Constantly learns more about our clients, competitors, industry and the broader market to drive insights and decisions

Disciplined: Highly disciplined in how resources are used; designs and champions ideas to drive efficiency

Exceptional Communicator: Communicates clearly, authentically, and persuasively

Collaborative: Capitalizes on the diverse experience and the expertise of colleagues and builds commitment around vision and priorities 

What you’ll get:


  • Comprehensive Compensation and Benefits package
  • Financial Health: 401k Match, Employee Stock Purchase Plan, Employee Discounts, Personalized advice, Brokerage discounts
  • Work/Life Balance: Sabbatical, Paid Parental Leave, New Mothers returning to work Program, Tuition Reimbursement Programs, Time off to volunteer, Employee Matching Gifts Program
  • Everyday Wellness: Health and Lifestyle Wellness Rewards, Onsite Fitness Classes, Healthy Food Choices, Wellness Champions
  • Inclusion: Employee Resource Groups, Commitment to diversity, Strategic partnerships
  • Not just a job, but a career, with an opportunity to do the best work of your life