Global Risk and Security
(GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions. Within GR&S, the
Enterprise Security and Fraud
(ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. As the
Senior Cybersecurity Risk Advisor
supporting Vanguard's Global Enterprise Security (GES) function, you will play a pivotal role on a new team in Technology Risk focused on enhancing line 2 oversight of Vanguard's Enterprise Security & Fraud services. In this role you will act as an independent challenger and advisor to the GES organization and will influence critical initiatives, execute risk assessments, manage top risks and ensure comprehensive controls exist while collaborating with other risk partners and business units across the global organization. This is a senior position that is dynamic, highly visible, and will allow you to deliver tangible value in enhancing our ability to protect clients as well as shape our new team's strategy and vision. An ideal candidate has a blend of risk management and broad cyber experience in areas such as DevSecOps, Vulnerability Management, AppSec, Third-Party Security, GRC, and Security Awareness. Strong communication and written skills are required to influence senior decision makers. Sr. Cybersecurity Risk Advisor:
Provides risk guidance, oversight, and assurance services to enterprise and divisional partners based on the Vanguard's operational and strategic risk framework. Ensures the development and implementation of effective divisional risk controls. Provides expert level technical risk advice and direction across GES capabilities. Leads and manages the efficiency and effectiveness of technical risk management within GES. Sets measurable goals and examines ways to raise standards, to increase quality and to improve overall technical risk management efforts of the team. Measures departmental success in identifying and managing technical risk exposure, and identifies and prioritizes existing and emerging risks and advises on appropriate control design and testing. Provides technical risk and architecture thought leadership and expertise. Leads and assists GES in the development, implementation and management of short- and long-term technical risk management strategies in accordance with department goals and objectives, standard risk management policies and procedures, and the overall risk strategy. Works with GES to mitigate risks and optimize process efficiency. Uses expert IT industry best practice knowledge to design effective controls, and makes recommendations for developing new technical risk management strategies for the business. Provides consultation, facilitation and analytical support to the divisional management team as new products, services, processes and procedures are developed to ensure risk is properly mitigated. Identifies potential solutions and recommends development options. Develops and maintains strong relationships with enterprise and divisional clients to understand their ongoing risk needs. Acts as a thought partner to the business, and effectively persuades and influences others. Assesses the design of existing controls and make recommendations, leverages industry best practice for improvement as needed. Understands the risk management framework and utilizes the core concepts when discussing risk exposures with the business. Identifies and advises on opportunities for continuous quality improvement of technical standards, methodologies, and technologies. Participates in special projects and performs other duties as assigned. Qualifications
Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred. Minimum of eight years experience in Risk Management, Cybersecurity, or IT Certificates in relevant domains (e.g. CISSP, CRISC, AWS, Azure, etc) Familiarity with relevant frameworks (i.e. NIST CSF, ISO 27001) Special Factors
Sponsorship
Vanguard is not offering visa sponsorship for this position. About Vanguard
At Vanguard, we don't just have a mission-we're on a mission. To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best. Our commitment to diversity, equity, and inclusion
Vanguard's commitment to diversity, equity, and inclusion (DEI) is central to our ability to deliver on our mission. We aspire to create a work environment that is inclusive, equitable, and diverse-one that enables our employees, whom we call crew, to thrive and bring their best selves to work every day on behalf of our clients. Cultivating DEI lifts our entire organization, and everyone shares accountability for our progress-from our senior leaders who lay the foundation and set the example for inclusive behaviors to crew who are growing in their personal DEI learning experiences. Together, we're on a mission. We are fueled by the value of diverse voices and connected through friendships and a culture of care-for our clients, our communities, and each other. Vanguard's DEI journey has no finish line. Our commitment is enduring, and we remain focused on the path ahead. To learn more about Vanguard goals and progress toward DEI, download our Diversity, Equity, and Inclusion Report. How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
#J-18808-Ljbffr
(GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions. Within GR&S, the
Enterprise Security and Fraud
(ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. As the
Senior Cybersecurity Risk Advisor
supporting Vanguard's Global Enterprise Security (GES) function, you will play a pivotal role on a new team in Technology Risk focused on enhancing line 2 oversight of Vanguard's Enterprise Security & Fraud services. In this role you will act as an independent challenger and advisor to the GES organization and will influence critical initiatives, execute risk assessments, manage top risks and ensure comprehensive controls exist while collaborating with other risk partners and business units across the global organization. This is a senior position that is dynamic, highly visible, and will allow you to deliver tangible value in enhancing our ability to protect clients as well as shape our new team's strategy and vision. An ideal candidate has a blend of risk management and broad cyber experience in areas such as DevSecOps, Vulnerability Management, AppSec, Third-Party Security, GRC, and Security Awareness. Strong communication and written skills are required to influence senior decision makers. Sr. Cybersecurity Risk Advisor:
Provides risk guidance, oversight, and assurance services to enterprise and divisional partners based on the Vanguard's operational and strategic risk framework. Ensures the development and implementation of effective divisional risk controls. Provides expert level technical risk advice and direction across GES capabilities. Leads and manages the efficiency and effectiveness of technical risk management within GES. Sets measurable goals and examines ways to raise standards, to increase quality and to improve overall technical risk management efforts of the team. Measures departmental success in identifying and managing technical risk exposure, and identifies and prioritizes existing and emerging risks and advises on appropriate control design and testing. Provides technical risk and architecture thought leadership and expertise. Leads and assists GES in the development, implementation and management of short- and long-term technical risk management strategies in accordance with department goals and objectives, standard risk management policies and procedures, and the overall risk strategy. Works with GES to mitigate risks and optimize process efficiency. Uses expert IT industry best practice knowledge to design effective controls, and makes recommendations for developing new technical risk management strategies for the business. Provides consultation, facilitation and analytical support to the divisional management team as new products, services, processes and procedures are developed to ensure risk is properly mitigated. Identifies potential solutions and recommends development options. Develops and maintains strong relationships with enterprise and divisional clients to understand their ongoing risk needs. Acts as a thought partner to the business, and effectively persuades and influences others. Assesses the design of existing controls and make recommendations, leverages industry best practice for improvement as needed. Understands the risk management framework and utilizes the core concepts when discussing risk exposures with the business. Identifies and advises on opportunities for continuous quality improvement of technical standards, methodologies, and technologies. Participates in special projects and performs other duties as assigned. Qualifications
Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred. Minimum of eight years experience in Risk Management, Cybersecurity, or IT Certificates in relevant domains (e.g. CISSP, CRISC, AWS, Azure, etc) Familiarity with relevant frameworks (i.e. NIST CSF, ISO 27001) Special Factors
Sponsorship
Vanguard is not offering visa sponsorship for this position. About Vanguard
At Vanguard, we don't just have a mission-we're on a mission. To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best. Our commitment to diversity, equity, and inclusion
Vanguard's commitment to diversity, equity, and inclusion (DEI) is central to our ability to deliver on our mission. We aspire to create a work environment that is inclusive, equitable, and diverse-one that enables our employees, whom we call crew, to thrive and bring their best selves to work every day on behalf of our clients. Cultivating DEI lifts our entire organization, and everyone shares accountability for our progress-from our senior leaders who lay the foundation and set the example for inclusive behaviors to crew who are growing in their personal DEI learning experiences. Together, we're on a mission. We are fueled by the value of diverse voices and connected through friendships and a culture of care-for our clients, our communities, and each other. Vanguard's DEI journey has no finish line. Our commitment is enduring, and we remain focused on the path ahead. To learn more about Vanguard goals and progress toward DEI, download our Diversity, Equity, and Inclusion Report. How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
#J-18808-Ljbffr
