Governance, Risk & Compliance Analyst, Specialist

VanguardMalvern, PA
Hybrid

About The Position

Works with Enterprise Security and Fraud subdivisions and business units as the technical authority regarding security of application and systems software, equipment, and related capabilities and performance characteristics to evaluate their effectiveness at meeting defined requirements, determining integration requirements and identifying ramifications on operations of their implementation. Supports the development and maintenance of a portfolio of global security and fraud policies and standards. Monitors and maintains the lifecycle of the portfolio. Responsible for oversight of management and decisions related to methodology and policy for all Security and fraud functions. Advises key stakeholders and security policy owners during policy and standards discussions. Interfaces with clients on all inquiries related to Information and IT Security and fraud capabilities. Works with Compliance and Regional Security and Fraud teams to understand global regulatory requirements, develop global and regional policies and standards, and oversee implementation. Interfaces with external regulators for Information and IT Security and Fraud. Reviews and analyzes current and proposed policy and standards directives and IT technical issues which may affect the implementation of Information Security and Fraud across the enterprise. Recommends, develops, implements and coordinates new security policies, standards, controls and operating doctrine at all levels across the company. Interprets policy relating to Vanguard information security and frau functions and provides guidance, as required. Defines and implements automations to accelerate delivery and improve effectiveness. Defines and implements data-driven approaches and dashboards to predict risk issues, develop solutions, and partner with key owners and stakeholders. Designs, implements and supports modernized GRC process and tool capabilities. Participates in special projects and performs other duties as assigned.

Requirements

  • Seven years related work experience.
  • Information Security or fraud experience required.
  • Undergraduate degree or equivalent combination of training and experience.
  • In-depth knowledge of relevant frameworks and standards (i.e., NIST CSF, NIST 800-53, CIS Controls, ISO 27002).
  • In-depth knowledge of financial services industry cyber regulations and guidelines.
  • Demonstrated experience with GRC solutions platform and automation capabilities.
  • Excellent communication and influencing skills.
  • Ability to influence key stakeholders and security policy and control owners.

Nice To Haves

  • Professional certification (CISSP, CISM, CompTIA, SANS, ISC2) preferred.

Responsibilities

  • Serve as the technical authority regarding the security of application and systems software, equipment, and related capabilities and performance characteristics.
  • Evaluate the effectiveness of security measures at meeting defined requirements.
  • Determine integration requirements and identify ramifications on operations of their implementation.
  • Support the development and maintenance of a portfolio of global security and fraud policies and standards.
  • Monitor and maintain the lifecycle of the policy and standards portfolio.
  • Provide oversight of management and decisions related to methodology and policy for all Security and fraud functions.
  • Advise key stakeholders and security policy owners during policy and standards discussions.
  • Interface with clients on all inquiries related to Information and IT Security and fraud capabilities.
  • Work with Compliance and Regional Security and Fraud teams to understand global regulatory requirements, develop global and regional policies and standards, and oversee implementation.
  • Interface with external regulators for Information and IT Security and Fraud.
  • Review and analyze current and proposed policy and standards directives and IT technical issues.
  • Recommend, develop, implement, and coordinate new security policies, standards, controls, and operating doctrine.
  • Interpret policy relating to Vanguard information security and fraud functions and provide guidance.
  • Define and implement automations to accelerate delivery and improve effectiveness.
  • Define and implement data-driven approaches and dashboards to predict risk issues, develop solutions, and partner with key owners and stakeholders.
  • Design, implement, and support modernized GRC process and tool capabilities.
  • Participate in special projects and perform other duties as assigned.

Benefits

  • Hybrid working model
  • Long-term financial wellbeing focus
  • Opportunities for learning and development
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service