Manager, IT Security Readiness

Vanguard•Malvern, PA

54d•Hybrid

About The Position

As a security readiness manager, you will drive proactive risk assurance across the organization embedding security readiness into every layer of the enterprise. In this role, you'll lead a skilled team focused on delivering robust security assessments that protect systems, architectures, and configurations from emerging threats. You'll drive improvements in risk assessment processes and collaborate across functions to ensure resilience against evolving threats, and champion security-first practices that protect critical assets and enable business continuity. This Hybrid role (in office Tues-Wed-Thurs) can be based in Charlotte, NC, Dallas, TX, or Malvern, PA (HQ)

Requirements

Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience).
Minimum 5 years of relevant work experience, including 3 years in IT security or application development.
Strong knowledge of security frameworks (e.g., NIST, ISO 27001).
Expertise in vulnerability assessment tools and methodologies.
Ability to lead teams and manage cross-functional initiatives.
Excellent analytical, problem-solving, and communication skills.
Experience assessing risk for AI/GenAI platforms, applications, and solutions.

Nice To Haves

Supervisory experience preferred.
CISSP, CRISC, CCSP, GSEC, GPEN, GWPN, CEH, or equivalent security certifications.

Responsibilities

Team Development: Hire, evaluate, and supervise team members. Provide coaching, mentorship, and training to build skills and foster growth.
Performance Management: Set clear performance standards, conduct reviews, and make informed compensation decisions in alignment with HR policies.
Culture & Engagement: Promote a collaborative, high-performance culture focused on security excellence.
Risk Identification: Lead and conduct security assessments to evaluate the adequacy of existing controls and identify vulnerabilities, integration requirements, and emerging risks.
Corrective Actions: Recommend and oversee implementation of remediation measures for identified risks.
Continuous Improvement: Maintain and enhance processes for evaluating security requirements across systems, networks, and applications.
Policy Alignment: Ensure security plans, risk assessments, and control techniques comply with organizational policies and regulatory requirements.
Process Assurance: Validate adequacy of development, testing, and implementation processes for security initiatives.
Security Solutions: Drive adoption of new security technologies and initiatives to strengthen enterprise resilience.
Technical Support: Guide the team in providing technical expertise for risk assessments and secure implementation of systems and products.
Stakeholder Engagement: Coordinate with IT divisions, business units, and third-party partners to assess the impact of technology changes on operations.
Vendor Management: Assist in managing vendor relationships and participate in vulnerability mitigation and acceptance processes.
Reporting: Oversee reporting on information security risks and communicate findings to leadership.
Special Projects: Participate in enterprise-wide initiatives and other duties as assigned.