Sr. Third Party Security Assessor

Provides expert technical expertise and consultation on the development and support of all activities, processes, and tools used for assessing, validating, and ensuring the vulnerability validating and insuring the and integrity of systems, architectures, and configurations. Conducts security assessments, risk analyses and assesses contingency plans for Vanguard business applications, systems, networks, and websites.

In this role the successful candidate:

• Develops and leads security assessments to measure the adequacy of existing information security controls. Identifies and advises on potential and actual system vulnerabilities, integration requirement and ramifications, and emerging strategic security needs and recommends corrective measures.
• Leads and oversees reporting on information security risks and works with IT sub-divisions, third party partners, and business units in identifying the impact of technology implementation on IT and business unit operations.
• Leads and maintains evaluation and assessment process of security requirements for data systems, networks, or websites. Participates in identification enterprise technical security solutions, and coordinate and lead adoption of new security initiatives and solutions
• Develops and defines best practices for assessments of assets, risks, and the implementation of appropriate data security procedures and products to ensure security requirements are met. Determines integration requirements, updates security standards documents with feedback from relevant security and technology teams, identifies security gaps, and evaluates and implements enhancements.
• Validates functionality and effectiveness of development, testing and implementation processes for security plans, risk assessments, products, and control techniques. Conducts system security and vulnerability analyses and risk assessments.
• Evaluates Vanguard technical acquisitions, infrastructure and development processes, and investigates complex potential or actual information security violations to ensure that adequate security measures are established and maintained, according to established policies.
• Leads, develops, and oversees security assessment plans, participates in the security vulnerability mitigation and acceptance process, and manages vendor relationships.
• Acts as an industry expert in emerging security practices and standards. Maintains expert knowledge of industry policies and trends.
• Assists in the design and delivery of Third-Party Security related strategic initiatives.
• Participates in special projects and performs other duties as assigned.

What it takes:

• Minimum of eight years of direct Third-Party Security, IT Security, Cyber Security, and/or IT Audit experience.
• Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.
• At least one professional security certification such as ISC2 CISSP, GIAC Security Essentials Certification (GSEC), Certified Information Systems Auditor (CISA), etc.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.