At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

The Endpoint Security Engineer is an individual contributor supporting endpoint security technologies, threat monitoring and management in Schwab Cybersecurity Services. This role works with the security and infrastructure teams on the design, engineering, and implementation of technology solutions and methodologies to ensure secure endpoints. This role requires advanced level knowledge of the risk and endpoint security landscape to be able to better implement and maintain impactful security solutions.

Engineering and implementing endpoint security capabilities including EDR, SOAR, anti-malware, and DLP. Guiding configuration and support for security tools while ensuring all regulatory and compliance standards are met. Collaborating with product and project teams to understand needs and enablement with security products. Strong analysis and decision-making skills with the ability to identify opportunities to manage endpoint security tools, participate in technical cross-functional sessions, and ensure adherence to change and configuration management principles. Assessing issues and developing resolutions to meet productivity, quality goals and objectives.

A proven track record of experience in administering security solutions.

• Preferred experience managing endpoint security tools such as EDR, DLP, device control, drive encryption, and file integrity monitoring.
• Understand General networking concepts such as firewalls and IP networking.
• Understand fundamental operating system functionality and how applications communicate and interact with the operating system.
• Fundamental understanding of public cloud and SaaS concepts.
• Customization, implementation of best practices, determine specific value-driven use cases, and fully integrate the solution into the environment. 
• Develop and report enterprise level metrics for endpoint security controls.
• Work closely with Stakeholders Teams (Compliance, Mainframe, Windows, Linux, Network, SIEM, Remedy, Asset Management) to develop high value enterprise capabilities/results while reducing noise and false alarms.
• Help architect solutions (initial state, transition, final state architectures).  
• Create content filters, rules, dashboards, and reports.
• Provide compliance and audit evidence for monitored systems.
• Identify and implement automation of repetitive tasks.
• Document, publish and maintain a knowledge base of information pertaining to the functionality, processes and procedures related to the supported tools.
• Create, modifying, test, deploy procedure and rules specific to asset type (i.e. mainframe, web servers, database servers, batch servers, application servers)

One or more endpoint security related technologies (Preferred)

• EPP/EDR
• SIEM/SOAR
• Microsoft InTune
• DLP
• FIM

Qualifications

• More than 7 years of progressive experience in cybersecurity engineering with multiple security controls within multiple security domains.
• At least 3 years focused on Endpoint Security Engineering
• At least 2 years’ experience with handling workloads in an Agile environment utilizing SCRUM with Lean/MVP methodologies.
• Bachelor’s Degree in Computer Science, Engineering or related field 

Preferred:

• CISSP, CISM, or other relevant information security industry recognized certification preferred.
• Experience with CrowdStrike or a comparable EDR.