Insider Threat Analyst
Yesterday• Phoenix, AZ
Pay range: USD $32.16 - $65.77 / Hour
Your opportunity
At Schwab, you're empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry together.
We are expanding our Insider Threat Operations Team. This role supports and analyzes threat detection for the Cybersecurity Defense Insider Threat program.
This resource will work with a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology. This resource will also utilize understanding of Insider Threat and DLP principles to identify trends and patterns which can assist in the development of new detection rules and models.
Want more jobs like this?
Get Data and Analytics jobs in Phoenix, AZ delivered to your inbox every week.
The role offers a hybrid/flexible schedule, which means there's an in-office expectation of 4 or more days per week and the flexibility to work outside the office location for the other day.
What you have
You are discreet, thoughtful, and seek to coordinate systemic, cross functional solutions to mitigate risk. You are adept at translating complex problems into 'byte-sized', readily implemented (and preferably automated) solutions. You are familiar with Insider Threat technologies (such as Security Information Event Management - SIEM, User Entity Behavioral Analytics - UEBA, Endpoint Detection and Response - EDR, Data Loss Prevention - DLP) and have an understanding of investigations and/or the intelligence cycle.
Your opportunity:
At Schwab, you're empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry together.
We are expanding our Insider Threat Operations Team. This role supports and analyzes threat detection for the Cybersecurity Defense Insider Threat program.
This resource will work with a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology. This resource will also utilize understanding of Insider Threat and DLP principles to identify trends and patterns which can assist in the development of new detection rules and models.
The role offers a hybrid/flexible schedule, which means there's an in-office expectation of 4 or more days per week and the flexibility to work outside the office location for the other day.
What you have:
You are discreet, thoughtful, and seek to coordinate systemic, cross functional solutions to mitigate risk. You are adept at translating complex problems into 'byte-sized', readily implemented (and preferably automated) solutions. You are familiar with Insider Threat technologies (such as Security Information Event Management - SIEM, User Entity Behavioral Analytics - UEBA, Endpoint Detection and Response - EDR, Data Loss Prevention - DLP) and have an understanding of investigations and/or the intelligence cycle.
Required qualifications:
- Understanding of computer networking concepts, communication protocols, primary threat actor attack methods and tools
- Competent in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results, and analyzing findings to provide viable threat intelligence
- Ability to understand and learn technical specifications, system requirements and other application design information as needed
- Detail-oriented person who is passionate about quality and is enthusiastic about innovative technology offerings
- Strong verbal and written communication skills and you are comfortable composing briefs and assessments for leadership
- Familiar with analytical programming languages such as SQL
- Ability to thrive in ambiguity and rapid change
- Comfortable with process flow diagrams
- Familiar with applying Agile Methods
- Basic understanding of a variety of security and compliance policies and incident response processes
- Experience monitoring and analyzing Data Loss Prevention (DLP) and Database Activity Monitoring (DAM) incidents to ensure compliance with company policies
- 6 months+ of Schwab technology domain experience gained as a current or recent contractor or employee
- Ability to exercise sound judgment when determining which events require follow-up response or escalation
- Comfortable working with internal customers to respond to escalations
- Maintaining incident documentation, analyzing incident trends
- Experience maintaining and generating audit evidence for internal and external regulatory compliance
- Ability to function as a technical conduit between IT and the business
Preferred qualifications:
- 4 - 7 years related experience including developing requirements, designing, and executing test cases in insider threat and data loss prevention
- Bachelor's degree in computer science or related field
What's in it for you:
At Schwab, we're committed to empowering our employees' personal and professional success.Our purpose-driven, supportive culture, and focus on your development means you'll get the tools you need to make a positive difference in the finance industry.Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you - both today and in the future:
- Base salary + bonus opportunity (for eligible positions)
- 401(k) with company match and Employee stock purchase plan
- Paid time for vacation, volunteering, and a 4-week sabbatical after 5 years of service for eligible positions
- Paid parental leave and family building benefits
- Tuition reimbursement
- Health, dental, and vision insurance
What's in it for you
At Schwab, you're empowered to shape your future. We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration-so you can build the skills to make a lasting impact. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you - both today and in the future:
- 401(k) with company match and Employee stock purchase plan
- Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
- Paid parental leave and family building benefits
- Tuition reimbursement
- Health, dental, and vision insurance
Client-provided location(s): Phoenix, AZ
Job ID: CharlesSchwab-2026-120717
Employment Type: OTHER
Posted: 2026-04-04T19:51:12
Perks and Benefits
Health and Wellness
- Health Insurance
- Dental Insurance
- Vision Insurance
- Life Insurance
- Short-Term Disability
- Long-Term Disability
- FSA
- FSA With Employer Contribution
- HSA
- HSA With Employer Contribution
- Pet Insurance
- Mental Health Benefits
Parental Benefits
- Birth Parent or Maternity Leave
- Non-Birth Parent or Paternity Leave
- Fertility Benefits
- Adoption Assistance Program
- Family Support Resources
- Adoption Leave
Work Flexibility
- Hybrid Work Opportunities
Office Life and Perks
- Commuter Benefits Program
- Snacks
- Company Outings
- On-Site Cafeteria
- Holiday Events
Vacation and Time Off
- Paid Vacation
- Paid Holidays
- Personal/Sick Days
- Sabbatical
- Leave of Absence
- Volunteer Time Off
Financial and Retirement
- 401(K) With Company Matching
- Stock Purchase Program
- Performance Bonus
- Financial Counseling
Professional Development
- Tuition Reimbursement
- Promote From Within
- Shadowing Opportunities
- Access to Online Courses
- Internship Program
- Associate or Rotational Training Program
Diversity and Inclusion
- Employee Resource Groups (ERG)