We believe that, when done right, investing liberates people to create their own destiny. We are driven by our purpose to champion every client’s goals with passion and integrity. We respect and appreciate the diversity of our employees, our clients, and the communities we serve. We challenge conventions strategically to create value for our clients, our firm and the world. We live and bring to life the concept of ‘own your tomorrow’ every day. We champion our employee strengths, guide their development, and invest in their long-term success. We hire optimistic, results-oriented, curious, innovative, and adaptable people with the desire to help our clients and one another succeed.
As a company, we were established byChuckover 40 years ago to champion Main Street over Wall Street, and to help Americans transform themselves from earners to owners. Through advocacy and innovation, we work to make investing more affordable, accessible and understandable for all. As we enter our fifth decade, we are looking for talented, innovative and driven people who believe they can help themselves, and our clients, create a better future.
In Schwab Cybersecurity Services (SCS), Office of CISO, we provide platforms, services, and security operations capabilities which enable the firm to produce successful client and shareholder outcomes securely and safely. Securing our IT assets, data, and access to applications is the core of who we are and what we do. We ensure only the appropriate entities have access to IT resources and that we adhere to best practices and standards to ensure a safe and compliant environment is maintained.
Identity and Access Management has an opening for a Director, Identity and Access Management, to deliver and manage large, complex Identity and Access Management programs in the areas of Provisioning/De-provisioning, Directory, Highly Privileged Accounts, Access Governance, Single Sign On, Analytics, API Management and certifications. The individual will ensure adherence to policy and provide leadership to the implementation of leading-edge technology to position the organization for success – improving efficiency, increasing security posture, and supporting growth of the firm’s Identity and Access Management (IAM) Program
What you’ll do:
- Manage the program to guide design, development and implementation of Access Management solutions including Single Sign On, Directory, Federation, Multifactor Authentication, Authorization, PKI Management OAuth, OpenID and Step up Authentication.
- Program management of the execution of the roadmap and plan, define and improve processes, identify and address issues, and provide executive reports of the progress and return on investment (ROI)
- Build business strategy for SSO/ Access Management services that are robust and scalable to support the employees, contractors, partners and customers
- Partner with enterprise business leaders, technology partners to gain support for the program vision and influence adoption
- Work with business leaders across the firm to integrate their systems, applications and databases into the centralized systems ensuring adherence to Security Controls, Policies and Standards with a focus on automation and control
- Work with various Audit, Compliance and Assessment teams and programs to identify, assess and mitigate operational risks, evaluating the adequacy and effectiveness of the platform, standards, procedures, processes, and internal controls
- Establish an Access Governance program to drive corporate-wide initiatives forward and increase security posture
- Work closely with Software Architects to propose solutions and provide strategic technical direction across the team
- Overall accountability for team delivery and technical support of solutions
- Oversee adherence to applicable Security Controls, Policies and Standards; partner with business owners and technology groups to synchronize plans to remediate gaps
What you have:
- Bachelor’s degree or equivalent experience
- 10+ years’ experience in Information Security field
- Direct experienceworking within Oracle Access Manager, OUD, MS AD, SPML, OAuth, OpenID Connect, required
- Direct experienceworking within REST api, Web Services, Java, PowerShell required
- Experience working with ISO/NIST frameworks
- Understanding of applicable regulatory requirements/laws such as PCI, FFIEC, GLBA, SOX, etc.
- Ability to effectively communicate with technical and executive audiences, both oral and written is required
- Experience interfacing with auditors in support of audits and external regulatory exam processes is required
- Experience in gathering requirements, documenting and assessing information for implementing information security policies and standards is required
- Strong interpersonal, analytical, problem-solving, influencing, prioritization, decision-making and conflict resolution skills
- Strong initiative; self-starter; self-directed; ability to multi-task
- Experience in project planning, meeting facilitation for multiple groups and projects is preferred
- Experience working withProject Manager, Agile methodologies and handling multiple top priorities task
- Bachelor’s degree in Computer Science or a related field plus CISSP, CISM, or equivalent certification is preferred