Description

Your Opportunity

At Schwab, you're empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry together.

We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

We are seeking a motivated and detail-oriented Application Security Analyst to join our application security team. In this role, you will contribute to our organization's security posture by supporting Dynamic Application Security Testing (DAST) efforts and managing API security. You will play an integral part in identifying, triaging, and managing vulnerabilities in web applications and APIs, ensuring our products remain secure and resilient against emerging threats.
Key Responsibilities

• Assist in planning, executing, and managing Dynamic Application Security Testing (DAST) for web applications.
• Review, analyze, and triage vulnerabilities identified through application security testing programs including DAST and API Security as well as through manual testing.
• Collaborate with development teams to validate findings, prioritize remediation efforts, and track resolution of vulnerabilities.
• Maintain accurate documentation of security findings, remediation status, and communications with stakeholders.
• Stay informed about the latest application and application security trends, vulnerabilities, and best practices.
• Contribute to continuous improvement of application security processes and tooling.

What you have

Required Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field,
• Practical understanding of web application architecture and common security vulnerabilities (e.g., OWASP Top 10).
• Familiarity with API technologies (REST, SOAP, GraphQL) and common API security issues.
• Exposure to or interest in using DAST tools (e.g., Burp Suite, OWASP ZAP, WebInspect, WhiteHat) is a plus.
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Ability to work collaboratively in a team environment.

Preferred Skills

• Experience with vulnerability management platforms (e.g., Jira).
• Proficient in scripting (Python, Bash, etc.) for automation purposes.
• Understanding of secure software development practices.
• Certifications such as Security+, CEH, or similar are a plus

Requisition #: 2026-119274

r1d4rh5eu

Requirements

2026-119274