Skip to main contentA logo with &quat;the muse&quat; in dark blue text.
Newsletter

Application Security Engineer

AT Charles Schwab
Charles Schwab

Application Security Engineer

Lone Tree, CO

Pay range: USD $120,000.00 - $160,100.00 / Year

Your opportunity

The Schwab Application Security Team, under the leadership of the Chief Information Security Officer (CISO), is tasked to protect information assets in support of Schwab business objectives and in conformity with Schwab policies. The Application Security Team is a core function of Schwab Cybersecurity Services and is primarily responsible for establishing and guiding the Secure Software Development Program within Schwab. These activities include creation and rollout of software security policies and best practices, software security architecture, software security scanning, penetration testing, and the education of Schwab software developers and testers in security best practices. The Software Security Engineer ensures the control and protection of software, improves the software development process, and minimizes defects and vulnerabilities in software production.

Want more jobs like this?

Get jobs in Lone Tree, CO delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.


Well qualified candidates for this position will demonstrate the following key traits:

Prior engineering experience on a Software Security Assurance team Experience partnering with development teams to balance innovation and security concerns. Capable of analyzing large amounts of disparate data to produce easily understandable content. Experience with various application security tools including Software Composition Analysis (SCA), Static Application Security Testing (SAST), secrets management, and Dynamic Application Security Testing (DAST).

Well qualified candidates will also demonstrate expertise in the following technical areas:

Application engineering experience in software development Solid knowledge in application vulnerability types, attack vectors and remediation approaches Industry best practices for secure software development include software security design requirements. Application penetration testing and vulnerability scanning tools such as Fortify and how to integrate with agile SDLC. Proficiency with IP protocols and associated security mechanisms: TCP/IP, HTTP, SSL/TLS, PKI. Familiarity with well-known application security sources and standards such as OWASP, WASC and NIST. Experience with solutions for WAF/RASP technology for runtime application monitoring and protection. 2 years of experience with static and dynamic analysis and/or threat modeling tools Experience implementing enterprise deployment of application security tools, services, and controls. Solid understanding of a variety of software security practices, secure code reviews, threat modeling, security requirements analysis and architectural risk analysis

What you have

Key Accountabilities:

  • Ability to positively influence the behavior of peers and build relationships with other teams without direct authority over those teams.
  • Assess current practices and recommend changes to relevant policies to ensure state of the art development practices as they relate to security.
  • Review security of software and identify and remediate vulnerabilities.
  • Provide necessary input to philosophy and practices around software development.
  • Help ensure security of software produced or procured by SCHWAB to prevent loss, inaccuracy, alteration, unavailability, or misuse of data.
  • Recommend security requirements for the software development process.
  • Support tools to help enable security requirements as part of application development process.
  • Integrate software security scanning and testing into SCHWAB's software development, build and testing programs.
  • Work with application developers in security best practices and secure coding.
  • Conduct software security testing, including penetration testing, to verify that the software complies with security requirements.
  • Review, inspect and walk through source code to help developers understand vulnerabilities and provide advice to developers on remediation.
  • Develop automated application specific threat models to identify security design flaws and provide guidance on application specific risks and controls.
  • Identify security vulnerabilities as a result of security bugs, coding errors, omissions, and defects.

Desired certifications:

  • Information Security and control certifications a plus (CISSP, CSSLP, GWEB, CISA, CISM, CEH, CRISC, etc.)

What's in it for you

At Schwab, we're committed to empowering our employees' personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you'll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive benefits package that takes care of the whole you - both today and in the future:

  • 401(k) with company match and Employee stock purchase plan
  • Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
  • Paid parental leave and family building benefits
  • Tuition reimbursement
  • Health, dental, and vision insurance

Client-provided location(s): Lone Tree, CO, USA
Job ID: CharlesSchwab-2025-110497
Employment Type: Other

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
    • Long-Term Disability
    • FSA
    • FSA With Employer Contribution
    • HSA
    • HSA With Employer Contribution
    • Pet Insurance
    • Mental Health Benefits

  • Parental Benefits

    • Birth Parent or Maternity Leave
    • Non-Birth Parent or Paternity Leave
    • Fertility Benefits
    • Adoption Assistance Program
    • Family Support Resources
    • Adoption Leave

  • Work Flexibility

    • Hybrid Work Opportunities

  • Office Life and Perks

    • Commuter Benefits Program
    • Snacks
    • Company Outings
    • On-Site Cafeteria
    • Holiday Events

  • Vacation and Time Off

    • Paid Vacation
    • Paid Holidays
    • Personal/Sick Days
    • Sabbatical
    • Leave of Absence
    • Volunteer Time Off

  • Financial and Retirement

    • 401(K) With Company Matching
    • Stock Purchase Program
    • Performance Bonus
    • Financial Counseling

  • Professional Development

    • Tuition Reimbursement
    • Promote From Within
    • Shadowing Opportunities
    • Access to Online Courses
    • Internship Program
    • Work Visa Sponsorship
    • Leadership Training Program
    • Associate or Rotational Training Program

  • Diversity and Inclusion

    • Employee Resource Groups (ERG)
    • Diversity, Equity, and Inclusion Program

Search Additional Jobs

Application Security Engineer Jobs in Lone Tree, COJobs in Lone Tree, CO