Cyber Threat Management Analyst, Specialist

Duties and Responsibilities

• Leads and responds to escalated cyber security alerts, cyber incidents, or related security investigations. Identifies real-time complex attack patterns and suggests mitigation strategies.
• Leads the processes, tools and measures to monitor and detect compromises, risks, vulnerabilities, network security threats, tools and tactics used by modern and emerging threat actors. Facilitates security operations and incident response technologies and methodologies.
• Develops, manages, maintains and enhances security controls (alerts, rules, policies, and signatures) for the security platforms.
• Develop and maintain dashboards and alerts for AI activity, including prompt filtering, rejected requests, and anomalous usage patterns. Partner with runtime and architecture teams to validate telemetry coverage and ensure visibility into AI-driven workflows
• Lead and document security assessments for AI-enabled applications, ensuring adherence to enterprise security guidelines, evaluating guardrail configurations, and identifying control gaps related to data exposure, model invocation, and scope of AI usage
• Reviews the network environment for new and evolving cyber threats and providing preventive and remedial solutions. Identifies malicious activity by performing analysis on logs, traffic flows, and other investigative detective activities.
• Implements security detections within the SIEM and tunes and maintain existing rulesets. Is familiar with implementing Machine Learning and RBA detections.
• Partners with the SOC to implement standard operations procedures (SOP) for new threat detections.
• Leads with IT and business teams to ensure prompt and effective distribution of findings so incidents are effectively addressed. Provides department support to the business on enterprise-wide security initiatives and projects.
• Mentors junior team members to improve their technical acumen
• Participates in special projects and performs other duties as assigned.

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, or a related field, or equivalent demonstrated experience in security operations, threat detection, and incident response within a SOC environment.
• Experience with SIEM platforms such as Elastic or Splunk
• Familiarity with log normalization, enrichment, and correlation strategies.
• Experience with security assessments of critical applications and AI/ML platforms.
• Continuous learning mindset with exposure to cloud security (AWS, Azure) and compliance frameworks (SOX, SOC2, DORA).
• Preferred certifications: CISSP, or the ability to obtain within 12 months of hire.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.