Your Opportunity

MD, Application & Data Engineering

The MD, Application & Data Engineering is an executive leader within Schwab Cyber Security responsible for the strategy, architecture, delivery, and operational excellence of enterprise capabilities to protect applications, identities, and security telemetry. This leader partners across Technology, Security Operations, and Risk to embed secure-by-design controls into software delivery, strengthen vulnerability and remediation outcomes, and enable high-fidelity cyber visibility, detection, and response at scale.

This role will be based in Southlake.

Key responsibilities

• Lead and evolve the cybersecurity engineering portfolio across Identity & Access Management (PAM, SSO/MFA, identity lifecycle), Application Security (secure SDLC/DevSecOps enablement, scanning automation, penetration testing, secure coding standards), Enterprise Vulnerability Management (risk governance, prioritization, remediation orchestration, reporting), and Security Analytics & Content Engineering (security data onboarding, detection analytics, data science use cases).
• Define and execute the multi-year roadmap for security platforms and services, including architecture direction, tool selection, integration across on-prem and cloud, reliability, data quality, and cost management.
• Embed security into product and platform engineering by establishing reusable patterns and guardrails (threat modeling, CI/CD controls, security testing, and reference architectures) that improve developer experience and reduce time-to-remediate.
• Build and govern security data pipelines and telemetry standards to support detection and response, audit evidence, and risk decisioning (ingestion, parsing, enrichment, retention, access controls).
• Establish operating rhythms, metrics, and executive reporting for application and vulnerability risk, including severity standards, remediation SLAs, and risk acceptance/exception workflows.
• Partner with SOC/IR, infrastructure security, risk/GRC, internal audit, and technology leaders to deliver measurable reduction in cyber risk and sustained regulatory readiness.
• Build and lead high-performing teams through org design, hiring, coaching, performance management, and succession planning; foster a culture of engineering excellence and continuous improvement.

What you have

Required qualifications

• 10+ years of progressive experience in cybersecurity engineering, application security, security platforms, or security data engineering; including 5+ years leading managers and multi-team organizations.
• Proven track record building and operating enterprise security engineering services (e.g., IAM, AppSec, vulnerability management, security analytics/telemetry) in complex, regulated environments.
• Strong leadership in modern engineering practices: cloud and on-prem integration, platform reliability, CI/CD enablement, and governance through metrics and operational rigor.
• Demonstrated ability to influence across senior stakeholders (Technology, Security Operations, Risk/Compliance, Audit) and drive measurable outcomes.
• Excellent communication skills with the ability to translate technical risk and engineering tradeoffs into executive-ready recommendations.

Preferred qualifications

• Experience scaling enterprise IAM programs (PAM, SSO/MFA, identity lifecycle) and driving adoption with strong user experience.
• Deep familiarity with secure SDLC/DevSecOps patterns, application security testing automation, and penetration testing program management.
• Experience building security data onboarding pipelines and detection analytics capabilities to support 24x7 cybersecurity monitoring.
• Background working in large financial services organizations and partnering through internal/external audit and regulatory expectations.
• Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent practical experience); advanced degree a plus.