Application Security Engineer

Job description

**Your opportunity**

At Schwab, you’re empowered to make an impact on your career.

Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

The Schwab Application Security Team, under the leadership of the Chief Information Security Officer (CISO), is tasked to protect information assets in support of Schwab business objectives and in conformity with Schwab policies.

The Application Security Team is a core function of Schwab Cybersecurity Services and is primarily responsible for establishing and guiding the Secure Software Development Program within Schwab.

These activities include creation and rollout of software security policies and best practices, software security architecture, software security scanning, penetration testing, and the education of Schwab software developers and testers in security best practices.

The Software Security Engineer ensures the control and protection of software, improves the software development process, and minimizes defects and vulnerabilities in software production.

**Key Accountabilities:**

+ Ability to positively influence the behavior of peers and build relationships with other teams independently.
+ Thrives in dynamic and fast-paced environments, adjusting quickly to shifting priorities.
+ Works on problems of diverse scope where analysis of data requires evaluating specific factors.
+ Communicate emerging application security weaknesses, exploit patterns, and risk scenarios in clear, business-relevant terms.
+ Assist teams in mitigation and remediation efforts while operating within agile delivery environments.
+ Apply insight and initiative to raise the standard of secure development and streamline the path from policy to implementation.

**What you have**

**Required Qualifications:**

+ Bachelor’s degree in computer science or related field
+ Ability to demonstrate knowledge of OWASP Top 10 and CWE Top 25
+ Knowledge of application-layer security controls, including authentication and authorization methods, input/output validation and sanitization, and defenses against injection attacks such as SQL or command injection
+ Understanding of secure cryptographic practices, including appropriate use of encryption algorithms, hashing functions, and protection of data at rest and in motion
+ Secure coding in Java or .NET web and service development, backed by hands-on programming and IT experience
+ Experience participating as a member of a team in an agile environment
+ Experience with the Secure Development Lifecycle
+ Experience with security tools including SAST, DAST, IDE plugins, decompilers, and threat modeling platforms
+ Experience with source code repository tools such as BitBucket and GitHub
+ Web application penetration testing, ethical hacking, red/blue teaming, or capture-the-flag experience a plus

**Desired certifications:**

+ Information Security and control certifications a plus (CISSP, CSSLP, GWEB, CISA, CISM, CEH, CRISC, etc.)

In addition to the salary range, this role is also eligible for bonus or incentive opportunities.

**What’s in it for you**

At Schwab, you’re empowered to shape your future.

We champion your growth through meaningful work, continuous learning, and a culture of trust and collaboration—so you can build the skills to make a lasting impact.

Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive benefits package that takes care of the whole you – both today and in the future:

+ 401(k) with company match and Employee stock purchase plan
+ Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
+ Paid parental leave and family building benefits
+ Tuition reimbursement
+ Health, dental, and vision insurance
What’s in it for you:
At Schwab, we’re committed to empowering our employees’ personal and professional success.

Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry.

Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.
We offer a competitive benefits package that takes care of the whole you – both today and in the future:
401(k) with company match and Employee stock purchase plan
Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
Paid parental leave and family building benefits
Tuition reimbursement
Health, dental, and vision insurance
Schwab is an affirmative action employer, focused on employing and advancing in employment, qualified women, racial and ethnic minorities, protected veterans, and individuals with disabilities in the workplace.

If you have a disability and require reasonable accommodations in the application process, contact Human Resources at applicantaccessibility@schwab.com or call 800-275-1281.

Required Skill Profession

Other General