Senior Security Engineer, Digital Asset Custody

The Charles Schwab Corp

Southlake, TX

JOB DETAILS
SKILLS
Architectural Design, Architectural Services, Artificial Intelligence (AI), Blockchain, C Programming Language, C++ Programming Language, Communication Skills, Computer Security, Cryptography, Disaster Recovery, Distributed Computing, Documentation Models, Error Handling, Finance, Fuzz Testing, Incident Response, Internet Security, Leadership, Legal, Machine Tool, Operations Security (OPSEC), People Management, Problem Solving Skills, Regulations, Risk, Root Cause Analysis, Rust Programming Language, Security Architecture, Security Attacks, Security Auditing, Security Policy, System Architecture, Technical Analysis, Technical Recruiting, Threat Modeling, Writing Skills
LOCATION
Southlake, TX
POSTED
30+ days ago

Your Opportunity

At Charles Schwab, you're empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us "challenge the status quo" and transform the finance industry together. We believe in the importance of in-office collaboration and fully intend for the selected candidate for this role to work on site in the specified location(s).

We are hiring a Lead Engineer focusing on security and custody architecture to serve as the technical authority for Crypto Custody engineering, with deep ownership of key management, custody security architecture, and risk posture across Schwab's digital asset platforms.

This is a hands‑on, high‑impact individual contributor role.. The Lead Engineer sets technical direction, defines custody architecture, and owns critical design decisions across HSMs, MPC, key storage, policy enforcement, disaster recovery, and incident response.

This role requires strong engineering judgment in high‑risk, high‑trust environments, and the ability to operate with autonomy while influencing teams, architects, security, and leadership.

What This Engineer Will Do

Custody Key Management & Cryptographic Architecture

  • Design, implement, and evolve institutional‑grade key management architectures, including:
  • Hardware Security Modules (HSMs)
  • Multi‑Party Computation (MPC)
  • Secure key generation, storage, rotation, signing, and recovery
  • Define clear trade‑offs and architectural patterns across hot wallet, warm wallet, and cold storage models.
  • Ensure cryptographic designs align with regulatory, security, and audit expectations.
  • Partner closely with Cybersecurity and Risk to embed defense‑in‑depth and zero‑trust principles into custody design.

Custody Policy Engine & Governance

  • Lead the design of the Custody Policy Engine, governing:
  • Authorization, approvals, limits, and segregation of duties
  • Transaction controls and exception handling
  • Policy versioning, auditability, and enforceability
  • Ensure policies are code‑driven, deterministic, observable, and testable.
  • Translate business, legal, and risk requirements into clear, enforceable technical controls.
  • Serve as a trusted technical advisor on custody governance topics.

Disaster Recovery, Resilience & Incident Ownership

  • Own custody‑specific disaster recovery strategies, including key recovery, quorum loss scenarios, and chain events.
  • Author and maintain incident response and recovery runbooks for custody‑related failures or security events.
  • Partner with Operations, Security, and SRE to ensure practicable, tested recovery procedures.
  • Lead post‑incident technical analysis, root cause reviews, and long‑term remediation strategies.

Overall Custody Architecture & Risk Posture

  • Act as the custody architecture authority, ensuring consistency across wallets, blockchains, environments, and platforms.
  • Identify architectural and operational risks early; propose mitigation strategies with clear trade‑offs.
  • Ensure custody designs scale across assets, chains, and future tokenized products.
  • Influence enterprise standards by raising the bar on security, resilience, and technical rigor.

AI‑Augmented Engineering Excellence

  • Leverage GenAI and agentic AI tools to accelerate architecture design, threat modeling, documentation, testing, and reviews.
  • Set expectations for AI‑assisted engineering rigor-speed with correctness, not shortcuts.
  • Partner with engineering teams to raise architecture, code, and documentation quality across custody components.

What you have

Required Qualifications

  • 10+ years of software engineering experience, with deep specialization in security‑sensitive or cryptographic systems.
  • Strong hands‑on experience with HSMs, MPC frameworks, and secure key management systems.
  • Experience with Web3 Security tooling such as Slither, Mythril, Foundry Fuzzing
  • Experience with common cryptography implementation languages such as C, C++, Rust, Go
  • Experience with collaborating with security auditors, Ex: Trail of bits, halborn,
  • Proven ability to design systems where failure has material risk implications.
  • Strong grounding in distributed systems, secure architectures, and fault‑tolerant design.
  • Track record of acting as a technical authority without formal people management.

Strongly Preferred

  • Experience with crypto custody, digital asset platforms, or blockchain infrastructure.
  • Prior ownership of incident response, DR design, or security runbooks.
  • Ability to articulate risk‑based trade‑offs clearly to technical and non‑technical stakeholders.
  • Systems thinker who connects technology, security, policy, and operations.
  • Comfortable challenging assumptions and raising concerns early in high‑stakes environments.
  • Experience applying AI tools to complex engineering workflows.

What Success Looks Like

  • Custody key management and policy systems are secure, resilient, auditable, and trusted.
  • Failure modes are well understood, modeled, and operationally prepared for.
  • Incidents are handled with clarity, speed, and technical confidence.
  • Custody architecture scales across assets, chains, and tokenized products without erosion of risk posture.
  • This role is viewed as the technical backbone of Schwab's digital‑asset custody strategy.

"In addition to the salary range, this role is also eligible for bonus or incentive opportunities."

About the Company

T

The Charles Schwab Corp

The Charles Schwab Corporation is a leading provider of financial services, with more than 300 offices. Through its operating subsidiaries, the company provides a full range of securities brokerage, banking, money management and financial advisory services to individual investors and independent investment advisors. Named "Highest in Investor Satisfaction with Self-Directed Services" by J.D. Power and Associates in 2009, its broker-dealer subsidiary, Charles Schwab & Co., Inc. (member SIPC) affiliates offer a complete range of investment services and products including an extensive selection of mutual funds; financial planning and investment advice; retirement plan and equity compensation plan services; referrals to independent fee-based investment advisors; and custodial, operational and trading support for independent, fee-based investment advisors through Schwab Advisor Services.

The Charles Schwab Bank (member FDIC) provides banking and mortgage services and products. To meet the needs of our clients, we are actively recruiting people with the desire, drive and creativity to find solutions that help meet our clients' needs; who want the chance to learn, grow with the company and explore their career opportunities; who will strive for excellence in achieving our clients' and our company's goals; who have the highest ethical standards - individuals who take pride in making a difference in people's lives.
COMPANY SIZE
1,000 to 1,499 employees
INDUSTRY
Security and Surveillance
FOUNDED
1971
WEBSITE
http://www.aboutschwab.com/careers