Senior Unix Security Administrator

Your Opportunity

At Schwab, you're empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry together.

In Schwab Cybersecurity Services (SCS), Office of CISO, we provide platforms, services, and security operations capabilities which enable the firm to produce successful client and shareholder outcomes securely and safely. Securing our IT assets, data, and access to applications is the core of who we are and what we do. We ensure only the appropriate entities have access to IT resources and that we adhere to best practices and standards to ensure a safe and compliant environment is maintained.

Identity and Access Management has an opening for a Sr. Unix Administrator responsible for overseeing, maintaining, and enhancing the security and efficiency of Unix/Linux systems, with a primary focus on managing the sudoers file and privilege elevation mechanisms. This role requires a deep understanding of Unix/Linux operating systems, security best practices, and automation techniques. The ideal candidate will play a pivotal role in ensuring that our systems adhere to the highest security standards while maintaining optimal performance and operational efficiency.

What you'll do:

• Sudoers File Management:
• Maintain, audit, and update the sudoers file across multiple Unix/Linux environments.
• Ensure proper configuration of sudo policies to enforce the principle of least privilege.
• Implement best practices for managing privileged access and reduce potential security vulnerabilities.
• Privilege Elevation & Security:
• Design, implement, and monitor privilege elevation strategies to secure critical systems.
• Collaborate with IT security teams to align Unix system configurations with industry and regulatory standards.
• Conduct regular security assessments and audits to ensure compliance with internal and external policies.
• Automation & Scripting:
• Develop and maintain automation scripts (using Bash, Python, or similar) to streamline sudoers management and auditing processes.
• Integrate automation tools to monitor and report on privileged access events and anomalies.
• Incident Response & Troubleshooting:
• Act as a subject matter expert during security incidents involving privilege escalation.
• Investigate and resolve issues related to misconfigurations or unauthorized access efficiently.
• Collaborate with cross-functional teams to identify root causes and implement long-term solutions.
• Documentation & Best Practices:
• Create and update comprehensive documentation for sudoers configurations, access policies, and incident response procedures.
• Establish and enforce standard operating procedures for secure Unix/Linux system administration.
• Mentoring & Collaboration:
• Provide technical leadership and mentorship to junior team members and other IT staff.
• Work collaboratively with other engineering, security, and operations teams to drive continuous improvement in system security and efficiency.

What you have

Required Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent practical experience).
• Minimum of 5 years of hands-on experience in Unix/Linux system administration, with a strong focus on security.
• Proven track record in managing and auditing sudoers files and implementing privilege elevation controls.
• Experience with scripting languages (e.g., Bash, Python) and automation tools.
• Familiarity with compliance frameworks such as PCI, HIPAA, SOX, or similar regulatory standards.
• Deep knowledge of Unix/Linux operating systems and security best practices.
• Expertise in configuring and troubleshooting sudoers file settings and related access controls.
• Experience with configuration management tools (e.g., Ansible, Puppet, Chef) is a plus.
• Strong understanding of network security, system hardening, and risk management.
• Excellent analytical and problem-solving abilities.
• Strong verbal and written communication skills, with the ability to explain complex technical concepts to diverse audiences.
• Proven ability to work both independently and as part of a collaborative team environment.
• Industry certifications such as Red Hat Certified Engineer (RHCE), Linux Professional Institute Certification (LPIC), or similar are preferred.

In addition to the salary range, this role is also eligible for bonus or incentive opportunities.