Sr Specialist - SOC Analyst - Hybrid

Position Type: Regular
Your opportunity

At Schwab, you're empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

Charles Schwab Cybersecurity Services (SCS) organization is seeking an Information Cyber Security Analyst for the Security Operations Center. The selected candidate will participate in a 24x7x365 team that monitors, analyzes, and responds to information security related threats such as commodity malware, policy violations, and advanced persistent threats. Members of the SOC are also tasked with supporting the efforts of the Threat Intelligence, Risk Management, and Forensic teams. The successful candidate will be a highly technical, passionate, and self-driven individual who loves to learn, solve problems, and contribute to the advancement of the team.

• Work as part of a team of Information Security professionals supporting a global enterprise.
• Triage and respond to concurrent information security incidents reported via SIEM, ticketing system, email, etc...
• Perform root cause analysis, document findings and collaborate with technology/process owners to prevent future occurrences.
• Research, analyze and understand log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems.
• Automate manual processes via scripting.
• Perform raw data review in an effort to identify malicious activity for which signatures/content do not exist.
• Assist with the development of new content and tuning/filtering of existing content for SIEM, IDS, and other security technologies.
• Participate in documentation evergreen process to ensure accuracy of documentation critical to the team's success.
• Work with management to define/update standard operating procedures and response plans.
• Support efforts of Sr. Security Analysts, Team Lead, Technical Directors and/or Management during all phases of the Incident Response process.

What you have

Required:

• Minimum of 2+ Security Experience Years of professional experience, or equivalent.
• Between 2-5 Years IT Experience Years of professional experience, or equivalent.
• Experience as an initial point of escalation for the Security Analyst I.
• Train, mentor, and oversight of the Security Analyst I.
• Thorough understanding of computer networking: TCP/IP, routing and protocols.
• CompTIA Network+ or equivalent knowledge/experience required.
• CompTIA Security+ or equivalent knowledge/experience required.
• Detailed knowledge of packet structure and previous experience performing in-depth packet analysis required.
• Thorough understanding of information security best practices and technologies.
• Detailed knowledge regarding the administration, use, securing and exploitation of common operating systems.
• Prior experience analyzing log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems required.
• Strong proficiency with Windows and Unix/Linux command line.
• In-depth knowledge of obfuscation techniques used to encode/encrypt malicious traffic/data.
• Familiarity with a standardized incident response framework (SANS/NIST).
• Research and analytical background and an analytical approach; especially with respect to event classification, event correlation, and root cause analysis.
• Scripting experience with Python, Perl, SQL, and/or PowerShell strongly preferred.
• Must be able to react quickly, decisively, and deliberately in high stress situations.
• High level of ethics and core values.
• A strong passion for learning.
• Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers.
• Willingness to participate in shift work.
• Self-disciplined to ensure completion of shift work with little supervision. Highly motivated individual with the ability to self-start, prioritize, and multi-task.

Preferred but not required:

• Associates or BS in Computer Science or equivalent experience.
• SANS GCIH, GCIA, or equivalent industry recognized certifications

In addition to the salary range, this role is also eligible for bonus or incentive opportunities.

What's in it for you
At Schwab, you're empowered to shape your future. We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration-so you can build the skills to make a lasting impact. Our approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive that takes care of the whole you - both today and in the future:

• 401(k) with company match and Employee stock purchase plan
• Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
• Paid parental leave and family building benefits
• Tuition reimbursement
• Health, dental, and vision insurance