Governance, Risk, and Compliance Analyst, Specialist

About the position Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions. Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape. Our crew are our greatest resource - by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core. We are seeking a passionate and driven GRC Analyst to join our IAM Governance, Risk, and Control team. This role is pivotal in shaping the future of our operational risk and control environment. As we mature our GRC capabilities, you will help define and maintain our operational control inventory, enhance our risk mitigation processes, and elevate our ability to perform rigorous testing across our control landscape.

Responsibilities

• Works with IT subdivisions and business units as the technical authority regarding security of application and systems software, equipment, and related capabilities and performance characteristics to evaluate their effectiveness at meeting defined security requirements, determining integration requirements and identifying ramifications on IT and business unit operations of their implementation.
• Supports the development and maintenance of a portfolio of global identity and access management policies and standards - namely associated risks, operational controls, and key controls that evidence compliance to the IAM Policy and Standards. Monitors and maintains the lifecycle of the portfolio.
• Advises key stakeholders and security policy and control owners during policy and compliance discussions. Interfaces with clients on all inquiries related to Information and IT Security capabilities - specifically IAM compliance and control performance.
• Works with Compliance and Regional Security teams to understand global regulatory requirements for security, develop global Security policies and standards, and oversee implementation. Interfaces with external regulators for information and IT Security - specifically related to access management.
• Conducts security assessments, risk analyses and assesses contingency plans for Vanguard computer facilities, telecommunications capabilities, and installations to verify existence and effectiveness of safeguards.
• Reviews and analyzes current and proposed policy directives and IT technical issues which may affect the implementation of Information Security Identity and Access requirements across the enterprise.
• Recommends, develops, implements and coordinates new security policies, standards, procedures and operating doctrine at all levels across the company. Interprets policy relating to Vanguard information security functions and provides guidance, as required.
• Participates in special projects and performs other duties as assigned.

Requirements

• Five years related work experience, Information Security experience preferred.
• Undergraduate degree or equivalent combination of training and experience.
• Computer Science degree preferred.
• One or more of CISSP, CISM, CISA, CIA, CPA, or other relevant certifications required as per the role.

Benefits

• Comprehensive health and wellness care
• Work-life balance
• Investment in your future

Apply tot his job Apply To this Job