Senior Manager, Technical Risk Assurance

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in a constantly evolving security landscape.

Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core. 

The Senior Manager, Technical Risk Assurance will lead a team that provides expert technical expertise and consultation on the development and support of all activities, processes, and tools used for assessing, validating, and ensuring the vulnerability integrity of systems, architectures, and configurations. Oversee security assessments, risk analyses and contingency plans for Vanguard business applications, systems, networks, and websites.

Senior Manager, Technical Risk Assurance:

• Hires, evaluates, and supervises crew. Provides guidance and training as necessary to develop crew. Sets performance standards, reviews performance, and makes informed compensation decisions in accordance with all applicable Human Resources policies and procedures.
• Develops and leads security assessments to measure the adequacy of existing information security controls. Identifies and advises on potential and actual system vulnerabilities, integration requirements and ramifications, and emerging strategic security needs and recommends corrective measures.
• Leads and oversees reporting on information security risks and works with IT sub-divisions, third party partners, and business units in identifying the impact of technology implementation on IT and business unit operations.
• Leads the team in developing and defining best practices for assessments of assets, risks, and the implementation of appropriate data security procedures and products to ensure security requirements are met. Determines integration requirements, oversees the maintenance of security standards documents with feedback from relevant security and technology teams, identifies security gaps, and evaluates and implements enhancements.
• Validates functionality and effectiveness of development, testing and implementation processes for security plans, risk assessments, products, and control techniques. Conducts system security and vulnerability analyses and risk assessments.
• Design and implement automation solutions to modernize manual risk assessments, compliance tracking and control validation processes.
• Leverage AI/ML scripting, and workflow automation tools to improve efficiency and accuracy in risk assurance activities.
• Continuously identify opportunities to streamline risk management operations using advanced technology to improve the overall client experience.
• Leads the evaluation of Vanguard technical acquisitions, infrastructure and development processes and investigates complex potential or actual information security violations to ensure that adequate security measures are established and maintained, according to established policies.
• Leads, develops, and oversees security assessment plans, participates in the security vulnerability mitigation and acceptance process, and manages vendor relationships.
• Acts as an industry expert in emerging security practices and standards. Maintains expert knowledge of industry policies and trends.
• Participates in special projects and performs other duties as assigned.

What it takes:

• Minimum eight years related work experience. Experience in IT security or application. development preferred. Supervisory experience preferred.
• Undergraduate degree in related field or equivalent combination of training and experience.
• Preferred security certification such as ISC2 CISSP, ISACA CISA, ISACA CISM, ISACACRISC, GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), Offensive Security Certified Professional (OSCP)

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

Our commitment to diversity, equity, and inclusion

Vanguard’s commitment to diversity, equity, and inclusion (DEI) is central to our ability to deliver on our mission. We aspire to create a work environment that is inclusive, equitable, and diverse—one that enables our employees, whom we call crew, to thrive and bring their best selves to work every day on behalf of our clients.

Cultivating DEI lifts our entire organization, and everyone shares accountability for our progress—from our senior leaders who lay the foundation and set the example for inclusive behaviors to crew who are growing in their personal DEI learning experiences.

Together, we’re on a mission. We are fueled by the value of diverse voices and connected through friendships and a culture of care—for our clients, our communities, and each other.    

Vanguard’s DEI journey has no finish line. Our commitment is enduring, and we remain focused on the path ahead. To learn more about Vanguard goals and progress toward DEI, download our Diversity, Equity, and Inclusion Report.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.