Zero Trust Operations Engineer
Your Opportunity
At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.
We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).
The Senior Manager, Zero Trust Operations, sits at the center of Schwab’s Zero Trust security ecosystem, owning some of the firm’s most complex and high‑impact operational challenges. This role is for a deeply technical, highly trusted individual contributor who thrives in ambiguity and takes pride in leading the response to critical incidents, systemic issues, and platform risks that span cloud, network, identity, and endpoint domains. You will serve as a technical authority and escalation leader, setting direction during high‑stakes events, translating complex telemetry into clear outcomes, and ensuring secure, reliable access for the business at scale.
Beyond incident leadership, this role plays a critical part in shaping the long‑term health and maturity of Zero Trust services. You’ll design and implement high‑risk changes, evolve policy and segmentation models, and drive proactive improvements through monitoring, automation, and AI‑assisted workflows. As a senior individual contributor, you’ll influence outcomes through expertise rather than hierarchy, partnering closely with engineering, architecture, and technology teams, mentoring peers, and raising the operational bar across the organization. This role is ideal for experienced Zero Trust operations professionals who want broad enterprise impact, deep technical ownership, and the opportunity to shape how Zero Trust services operate and mature at scale.
Core Responsibilities
- Own and lead the response to complex Zero Trust-related service degradations, incidents, and systemic issues, setting technical direction for triage, prioritization, and resolution across teams.
- Independently investigate and resolve highly complex connectivity, access, and performance issues across Zero Trust network and cloud security platforms by synthesizing logs, telemetry, diagnostics, and cross-domain data.
- Serve as a technical incident leader and escalation authority for high‑severity or high‑impact incidents, directing containment, coordinating multi-team response efforts, driving root cause analysis, and ensuring durable corrective actions.
- Set the standard for stakeholder communication during major incidents, translating technical detail into clear impact assessments, executive-level updates, and remediation strategies.
- Design, validate, and implement high‑risk or high‑impact configuration and architectural changes to Zero Trust platforms, ensuring alignment with security strategy, operational resilience, and user experience goals.
- Lead the evolution of policy models, access controls, and segmentation approaches aligned to Zero Trust and least‑privilege principles, proactively identifying simplification and risk‑reduction opportunities.
- Own pre‑ and post‑change validation strategy, including user experience testing, regression analysis, and risk assessment for changes with broad or ambiguous impact.
- Enforce change quality standards, ensuring complete implementation records, rollback strategies, and audit‑ready documentation for complex changes.
- Provide technical leadership for platform stability and resilience, identifying systemic risks, performance bottlenecks, and failure patterns before they impact users.
- Drive proactive monitoring and telemetry improvements, shaping alerting strategies and dashboards that surface actionable signals rather than reactive noise.
- Translate short‑term mitigations into long‑term improvements, influencing architecture, tooling, automation, and operational processes to reduce recurring risk.
- Partner with engineering and architecture teams to drive enhancements to Zero Trust services that improve resilience, scalability, and security posture.
- Own and evolve operational runbooks, troubleshooting frameworks, and incident response practices, ensuring they scale across teams and remain aligned with real‑world operations.
- Apply senior‑level technical judgment in ambiguous or high‑stakes scenarios, balancing security, availability, user experience, and business priorities without prescriptive guidance.
- Author and maintain authoritative documentation including design references, operational procedures, incident analyses, and platform diagrams used as sources of truth.
- Ensure operational knowledge is durable and transferable, enabling operations, engineering, and support teams to resolve issues with minimal escalation.
- Act as a trusted technical partner to network, identity, endpoint, DevSecOps, cloud, and SOC teams, influencing outcomes through expertise rather than authority.
- Represent Zero Trust Operations as a senior technical voice in cross‑functional forums, articulating risk, tradeoffs, and technical constraints to leadership and partners.
- Identify, design, and implement automation and AI‑assisted solutions (e.g., Microsoft Copilot) to reduce manual effort, accelerate diagnostics, and scale operational effectiveness.
- Mentor and develop peers through technical guidance, design reviews, incident leadership, and knowledge sharing, elevating overall team capability.
- Continuously expand cross‑domain expertise in Zero Trust, networking, cloud security, identity, and automation to improve solution design and incident response effectiveness.
- Pursue ongoing professional development and certifications, aligning skill growth with evolving Zero Trust technologies and organizational priorities.
What you have
Qualifications
Knowledge & Experience
- 5+ years of experience in cybersecurity
- 3+ years of direct operational support experience with Zero Trust solutions (ZTNA, CASB, SWG, SASE, etc.)
- Working knowledge of networking fundamentals and cloud security concepts
- Automation experience desired (Python, scripts, Ansible, Salt, etc.)
Education & Certifications
- 4-year college degree in Computer Science or Cybersecurity (or equivalent)
- Security certifications (Security+, CASP+, GSEC, SSCP, CDPSE, GIAC/SANS, or equivalent)
- Zero Trust vendor certifications
- Network certifications (Network+, CCIE, CCNA, CCNP, or equivalent)
What’s in it for you
At Schwab, you’re empowered to shape your future. We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration—so you can build the skills to make a lasting impact. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
- 401(k) with company match and Employee stock purchase plan
- Paid time for vacation, volunteering, and a 28-day sabbatical after every 5 years of service for eligible positions
- Paid parental leave and family building benefits
- Tuition reimbursement
- Health, dental, and vision insurance