Senior Manager, Cloud Vulnerability Engineering (IC)

Your Opportunity

At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

The Schwab Cybersecurity Services (SCS) organization is a centralized 1st Line of Defense Center of Excellence (COE) that provides security services to advance Schwab’s security posture and enhance the protection of Schwab’s critical assets. Enterprise Vulnerability Management (EVM) performs scanning, risk prioritization, and enforcement across patching and secure configuration, as well as holistic risk aggregation for other control opportunities.

The Opportunity

The Enterprise Vulnerability Management (EVM) team designs, monitors, and enforces the proactive mitigation of vulnerabilities across on-premise and cloud environments. We need a skilled and experienced Senior Manager to help us further mature the integration of vulnerability management controls into Cloud CI/CD pipelines, identify and advance ideas to address deployment inefficiencies, and mature ephemeral asset rehydration monitoring.

You’ll be instrumental in converting our vision for Cloud-specific vulnerability governance into life. This will involve cross-functional partnerships across the security organization to identify new risks, champion enhancements, and oversee rigorous governance. If you’re passionate about evolving vulnerability management for Cloud to an embedded developer function, we’d love to chat.

What you’ll do:

• Evaluate compliance for new and updated Cloud images, subject to vulnerability requirements, with developers, operations teams, and governance review boards
• Partner with security subject matter experts (SMEs) to identify opportunities in the Cloud CI/CD deployment pipeline for improving speed of vulnerability mitigation
• Lead monitoring for Cloud scanner performance, including authentication, subnet configuration, and reporting
• Champion maturity uplift for scanner selection, configuration management, and production monitoring processes – including identification of automation and agentic platforms.
• Continuously evaluate maturity of third-party vulnerability scanner against cloud native tools for fit-for-purpose monitoring
• Advocate for scalable security: reduce noise, improve coverage, and automate checks

What you have

Required Qualifications:

• 5+ years of experience with security control monitoring for Cloud environments (preferably AWS and GCP)
• 3+ years of experience with vulnerability management or patching
• 3+ years of experience with process analysis, documentation, and improvement
• Solid systems knowledge (Linux, Windows, and Networking)
• A clear, thoughtful communication style and a collaborative approach to problem solving
• Bachelor’s degree in computer science, engineering, or a related field

Preferred Qualifications:

• Hands-on experimentation and value realization with agentic AI or other LLM capabilities
• Experience with Robotics Process Automation (RPA) or other automation tools
• Security certifications, such as CISSP, CISM, GIAC, or Cloud Security certifications are preferred
• Hands on experience administering one or more technology platforms is a plus

In addition to the salary range, this role is also eligible for bonus or incentive opportunities