Senior Technology Risk Manager

Your Opportunity

At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

The Technology Risk Management (TRM) Organization provides ‘Second line-of-Defense’ oversight for information security, technology, data, and operational resilience. This includes activities related to policy and governance, risk identification and assessment, risk response, risk measurement and risk reporting for cyber and technology risks.

The Technology Strategy and Operations team within Technology Risk Management focuses on the ability to articulate and contextualize technology risk impacts Firm wide. Enabling effective Technology Risk Management oversight through risk identification, governance, risk measurement, reporting and support of departmental, audit, and regulatory needs.

Reporting to the Director of TRM Technology Strategy and Operations (Risk Assessment, Reporting and Escalation), this Senior Manager individual contributor plays a key role in driving risk management programs across TRM subcategories, information security, technology, data, and operational resilience. Beyond managing deliverables and due dates, the role will be driven by a proactive approach and critical thinking skills which promote a strong working relationship and best representation of TRM.

The Senior Manager will:

• Partner with TRM disciplines to assess and address needs across the technology risk management framework, including risk response (issues management), risk measurement and monitoring, risk assessment, and reporting.

• Establish and maintain centralized risk reporting and analytics that enable meaningful insight into risk posture, trends, and areas of concern across technology domains.

• Engage with first line partners to assess technology risks, control effectiveness, and issues, providing independent challenge and practical guidance aligned to second-line expectations and enterprise risk principles.

• Participate in 1st and 2nd line risk discussions, working sessions, and decision forums as a credible second-line voice who can both challenge and enable progress—particularly in complex or ambiguous risk scenarios.

• Synthesize information across issues, metrics, assessments, incidents, and ad hoc risk events to identify patterns and emerging themes that may not be evident within individual processes, translating inputs into clear risk narratives for leadership.

• Act as a trusted second-line risk partner for first line teams, offering advisory support on risk identification, control design, issue remediation, and risk acceptance decisions.

• Align across TRM and ERM stakeholders to ensure technology risk activities, priorities, and outcomes remain consistent with enterprise expectations, strategy, and direction.

What you have

Required Qualifications:

• 4+ years of experience in Information Security or Technology Risk practitioner (combination of both preferred)

• Bachelor’s Degree

• Proficient in advanced Microsoft Office applications, including CoPilot, Excel, Word, and PowerPoint

• Experience with artificial intelligence (AI) technologies and automation

• Strong data analysis experience, capable of interpreting large datasets to identify trends and relationships to inform risk assessments

• Practical experience with Governance, Risk, and Compliance (GRC) tools, ensuring efficient and effective risk management processes

Preferred Qualifications:

• CRISC, CISSP certifications

• Strong interpersonal, analytical, problem-solving, prioritization, facilitation, influencing, organizational skills and attention to detail

• Proactive and driven, with a track record of achieving results in dynamic and fast paced environments

• Excellent communication skills, both written and verbal, with a proven ability to convey complex information to senior management and stakeholders

• Consistently seeks innovative solutions and improvements, driven by a passion for service and a commitment to exceeding client expectations