Governance, Risk, and Compliance Analyst, Specialist
Malvern, PA, United States
Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.
Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.
Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core.
We are seeking a passionate and driven GRC Analyst to join our IAM Governance, Risk, and Control team. This role is pivotal in shaping the future of our operational risk and control environment. As we mature our GRC capabilities, you will help define and maintain our operational control inventory, enhance our risk mitigation processes, and elevate our ability to perform rigorous testing across our control landscape.
Job Description
Recommends, develops, implements, and monitors enterprise-wide information security policies, procedures, and operational guidelines. Researches and develops solutions for information security issues and promotes information security awareness.
Core Responsibilities
1. Works with IT subdivisions and business units as the technical authority regarding security of application and systems software, equipment, and related capabilities and performance characteristics to evaluate their effectiveness at meeting defined security requirements, determining integration requirements and identifying ramifications on IT and business unit operations of their implementation.
2. Supports the development and maintenance of a portfolio of global identity and access management policies and standards - namely associated risks, operational controls, and key controls that evidence compliance to the IAM Policy and Standards. Monitors and maintains the lifecycle of the portfolio.
3. Advises key stakeholders and security policy and control owners during policy and compliance discussions. Interfaces with clients on all inquiries related to Information and IT Security capabilities - specifically IAM compliance and control performance.
4. Works with Compliance and Regional Security teams to understand global regulatory requirements for security, develop global Security policies and standards, and oversee implementation. Interfaces with external regulators for information and IT Security - specifically related to access management.
5. Conducts security assessments, risk analyses and assesses contingency plans for Vanguard computer facilities, telecommunications capabilities, and installations to verify existence and effectiveness of safeguards.
6. Reviews and analyzes current and proposed policy directives and IT technical issues which may affect the implementation of Information Security Identity and Access requirements across the enterprise.
7. Recommends, develops, implements and coordinates new security policies, standards, procedures and operating doctrine at all levels across the company. Interprets policy relating to Vanguard information security functions and provides guidance, as required.
8. Participates in special projects and performs other duties as assigned.
Qualifications
- Five years related work experience, Information Security experience preferred.
- Undergraduate degree or equivalent combination of training and experience. Computer Science degree preferred.
- One or more of CISSP, CISM, CISA, CIA, CPA, or other relevant certifications required as per the role.
Special Factors
Sponsorship
Vanguard is not offering visa sponsorship for this position.About Vanguard
At Vanguard, we don't just have a mission—we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CIA CISA CISM CISSP Compliance Computer Science Governance IAM Security assessment Strategy
Perks/benefits: Career development Health care Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.