Your Opportunity At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry together. The Schwab Cybersecurity Services (SCS) organization is a centralized 1st Line of Defense Center of Excellence (COE) that provides security services to advance Schwab's security posture and enhance the protection of Schwab's critical assets. Enterprise Vulnerability Management (EVM) is responsible for Secure Configuration Management - and we are looking for an Analyst to support the development, maintenance and monitoring of secure baselines across the firm's infrastructure. The Opportunity In this individual contributor role, you'll play a critical role in the day-to-day execution of our secure configuration program. You'll assist in translating hardening standards into actionable baselines, help validate implementation and contribute to drift monitoring efforts. This is an ideal opportunity for someone with a strong IT foundation who's eager to deepen their security skillset in a hands-on enterprise scale environment. What you'll do: * Support the creation and maintenance of secure configuration baselines aligned to CIS, NIST, or vendor hardening guidance * Assist in tracking baseline coverage, implementation status, and remediation efforts across platforms * Review configuration data and monitoring output to identify drift or gaps in enforcement * Collaborate with engineers to test and validate automation logic (e.g., Ansible playbooks) * Help document deviations, exceptions and team runbooks * Maintain Jira workflows and contribute to process improvement efforts across the baseline lifecycle Advocate for scalable security: reduce noise, improve coverage, and automate sanity checks What you have Required Qualifications: * 2-4 years of experience in IT, cybersecurity, or systems administration with exposure to enterprise environments * Understanding of secure configuration principles for systems such as Windows, Linux, cloud platforms or networking devices * Familiarity with scripting languages or configuration tools * Ability to interpret security benchmarks and translate technical guidance into actionable requirements * Attention to detail and a strong sense of accountability * Familiarity with CIS Benchmarks, NIST, DISA STIGS, or vendor-specific hardening guidelines * Experience reviewing scan data from tools like Qualys, CrowdStrike, or similar platforms * Hands on experience administering one or more technology platforms is a plus * Bachelor's Degree in Computer Science, Engineering, or a related field In addition to the salary range, this role is also eligible for bonus or incentive opportunities.