Director, Cybersecurity Strategy and Operations

Your Opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location.

At Schwab, we believe that strong cybersecurity and risk management are foundational to client trust and business resilience. The Director, Cybersecurity Strategy & Operations (Individual Contributor) will play a pivotal role in advancing the firm’s cybersecurity posture by providing thought leadership, facilitating cross-functional alignment, and coordinating oversight of high-priority initiatives across four cybersecurity risk discipline teams within the second line of defense (2LOD).

This role is designed for a strategic leader who excels at driving collaboration, synthesizing complex information, and influencing outcomes across diverse teams. The Director will support special projects and enable effective oversight of multi-disciplinary risk initiatives.

RESPONSIBILITIES

• Serve as a strategic advisor, thought leader, and risk management practitioner across 2LOD cybersecurity risk disciplines, supporting special projects and high-priority initiatives that span multiple teams.
• Facilitate cross-functional alignment between cybersecurity risk discipline teams, ensuring coordinated oversight and effective challenge of technical and procedural controls.
• Coordinate with Strategy and Operations team members to ensure timely and accurate execution of core oversight activities across cybersecurity discipline teams.
• Support oversight of initiatives and activities that require collaboration across multiple risk disciplines, driving progress and resolving barriers.
• Drive effective risk issue management and analysis throughout the risk issue lifecycle in coordination with oversight assignees and the Strategy and Operations team.
• Influence updates to policies, procedures, and controls to reflect evolving cybersecurity strategy and regulatory requirements.
• Conduct industry benchmarking to identify coverage gaps and recommend improvements.
• Provide periodic updates, reports, and recommendations to management regarding best practices, risk assessments, and remediation strategies.
• Support regulatory interfaces and audit activities alongside Strategy and Operations team by preparing and delivering updates on cross-disciplinary cybersecurity initiatives.
• Apply creative problem-solving skills to ambiguous or complex challenges, delivering actionable insights and recommendations.
• Contribute to the development and monitoring of cybersecurity risk metrics (e.g., KRAMs, RAMMs) in partnership with first line of defense (1LOD) teams.

What you have

To ensure that we have fulfilled our promise of "challenging the status quo," this role has specific qualifications that successful candidates should have.

Required Qualifications

• Bachelor’s degree in Computer Science, Information Systems, Business Administration, or related field (or equivalent work experience). Advanced degree preferred.
• At least 10 years of experience in Information Security or Risk Management, with demonstrated leadership in cross-functional initiatives.
• Familiarity in use and implementation of AI solutions.
• Proven ability to drive results and influence outcomes across geographically dispersed and multi-disciplinary teams.
• Hands-on experience in risk management and oversight, preferably in financial services or highly regulated environments.
• Familiarity with NIST Cybersecurity Framework and relevant regulatory requirements (e.g., GDPR, PCI, FFIEC, GLBA, SOX).
• Exceptional communication skills, with the ability to engage technical and executive audiences.
• Experience supporting audits, regulatory exams, and external assessments.
• Strong analytical, problem-solving, and strategic thinking skills; ability to synthesize complex information and deliver actionable recommendations.
• Demonstrated initiative, adaptability, and ability to manage multiple priorities independently.
• Experience in project planning and facilitation of cross-functional meetings.

Preferred Qualifications

• Professional certification preferred (e.g., CISSP, CISA, CISM, CRISC)

In addition to the salary range, this role is also eligible for bonus or incentive opportunities