Senior DLP Engineer

Pay range: USD $150,000.00 - $170,000.00 / Year

Your opportunity

At Schwab, you're empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

The Schwab CyberSecurity Services (SCS) organization is a centralized Center of Excellence (COE) within Schwab Technology Services (STS) that provides security services to advance Schwab's security posture of critical assets.

The Data Loss Prevention Engineering team protects the Firm's data. Do you thrive on being meticulous and detail oriented? Schwab has opportunities for tremendous growth. We are implementing tried and true security controls with cutting edge technologies in the cloud. This Security Engineer in Data Loss Prevention, (DLP), will join an exceptional team of engineers and analysts whose mission is to protect Schwab's most valuable assets: our client information and their trust.

• Ensuring integrity and security of information across multiple platforms for unstructured and structured data within on-premises and cloud-based infrastructure.
• Develop, engineer and automate quality monitoring of unstructured and structured data to ensure accurate response rules based on corporate security and compliance policies.
• Provide risk-mitigation recommendations to Schwab Cyber Security; build (or review and validate) requirements to maintain or enhance technical and operational controls that ensure the protection of sensitive data.
• Continually evaluate effectiveness and efficiency of data protection systems as needed in order to tune security configurations to reduce false positive events while improving detection of high quality, quantifiable and measurable risk events.
• In the scope of the tool set be able to gather requirements, design, test, implement, operate, solve and perform root cause analysis of problems.
• Deliver new and improved data protection capabilities, analytics, visualizations, reporting, and impactful, valuable, risk intelligence in short, sprint-like outcomes.
• Collaborate with enterprise and security architecture, governance, risk, onboarding, and production support teams while building and maintaining durable data security solutions.
• Proven thought leadership with Python, C#, .Net MVC, RESTFul Methodologies, Git, and Continuous Integration/Deployment tooling.
• Evaluate and prioritize workstreams for efficient delivery via an Agile methodology.
• Coach, mentor and develop less experienced colleagues.

• Expertise in source control, unit testing, and agile methodologies is paramount.
• Bachelor of Science in Information Technology, Information Security, Computer Science or related field.
• 5 years of enterprise-level system administration experience, supporting multiple DLP technologies that are subject to high levels of audit and regulatory oversight, is required.
• Fundamental skillset utilizing EDM/IDMs and compiling complex Regex's to identify different levels of data classification within structured and unstructured data elements.
• Understanding and utilization of data classification/labeling techniques in a complex environment.
• Strong functional familiarity with the following: CASB, Proxy, Network DLP solutions, Google Cloud, AWS, endpoint DLP. DNS and TCP/IP Internet and networking technologies within large, distributed environments.
• Ability to configure, design and implement data protection, encryption in transit, encryption at rest, cloud KMS, Identity Aware Proxy, cloud DLP, cloud security compliance and handle security operations within a cloud solution environment.
• Development and scripting experience in Cloud Service Provider IaaS environments such as AWS, Azure, and GCP
• Ability to prioritize and analyze large amounts of data, and report findings.
• Security certifications such as CISSP or SANS is helpful.
• Highly motivated self-starter and standout colleague.
• Must be passionate about technology and committed to continual improvement.
• Great problem solver with ability to quickly identify bottlenecks, potential problems in multi-process, multi-threaded code.
• Ability to work on an on-call rotation.

• 401(k) with company match and Employee stock purchase plan
• Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
• Paid parental leave and family building benefits
• Tuition reimbursement
• Health, dental, and vision insurance