IT Audit Engagement Manager

Vanguard•Malvern, PA

1d•Hybrid

About The Position

Vanguard has an exciting new opportunity for an IT Engagement Manager in Internal Audit focused on evaluating technology-related risks and controls across Vanguard. In this role, you will be responsible for supporting risk-based audit engagements serving as a trusted partner to Internal Audit by providing deep subject-matter expertise across technology, cybersecurity, governance, risk, and controls. This role delivers strategic insights, technical consultation, and data-driven analysis to support audit planning, execution, and issue management, while also leveraging the use of control automation and analytics capabilities. Collaboration with stakeholder groups across divisions is key to implementing the audit coverage strategy for critical risk topics. Ideal candidates should possess strong critical thinking, project management, relationship management, influence, communication, judgment, and decision-making skills.

Requirements

Minimum of five years related work experience.
IT Audit, information technology or cybersecurity experience preferred.
Undergraduate degree or equivalent combination of training and experience.
Strong technical understanding of IT environments and controls.
Excellent communication, interpersonal, and critical thinking skills.

Nice To Haves

IT degree or concentration preferred.
Graduate degree preferred.

Responsibilities

Serve as a trusted technology risk advisor to audit teams and technology partners by providing insight on technology, cybersecurity, governance, risk, and controls, grounded in an understanding of Vanguard’s technology environment.
Lead audit pre‑planning and reconnaissance activities for technology risk, including evaluating prior audit results, changes to systems and infrastructure, emerging risks, and control design to inform engagement scope, risk focus, and audit approach.
Leverage AI to enhance audit effectiveness, including streamlining pre-audit planning and recon work, as well as to provide analysis on appropriate technology controls, governance, and risk considerations.
Collaborate with Internal Audit’s analytics and automation team to drive data‑driven initiatives and control automation for teams within the different domains in Internal audit such as the Business & Corporate, Finance, and SOX.
Provide technical direction across the audit lifecycle, guiding teams through technology risk assessment, audit scoping and planning, risk and control development, data analysis, control evaluation, testing, and reporting, including assessment of the design and operating effectiveness of technology controls.
Assess the adequacy of the technology control environment by identifying control gaps, emerging risks, and opportunities for improvement, and delivering practical, value‑added recommendations that strengthen controls and operating practices.
Communicate technology risks and audit results clearly and effectively to stakeholders at various levels, influencing management to take action and drive improvements to the technology control environment.
Guide audit team members by setting clear expectations, reviewing work for quality and technology risk coverage, and providing timely, actionable feedback to build technical and analytical capability.
Build and maintain strong relationships with technology management and IT risk partners.
Contribute to special projects and additional duties as needed.