Security Awareness Specialist

Vanguard•Malvern, PA

3d•Hybrid

About The Position

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions. Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape. Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core. Vanguard, one of the world's largest investment management companies, serves individual investors, institutions, employer-sponsored retirement plans, and financial professionals. We have a diverse and talented crew with a culture that promotes teamwork, along with an unwavering focus on serving our clients' best interests. This website uses "cookies" to distinguish you from other users. A cookie is a small file of letters and numbers placed on your computer or device. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site and services. The cookies are stored locally on your computer or mobile device. To accept cookies you can continue browsing as normal. Or you can go to our Privacy Policy to read more information and learn how to change your preferences. How We Work Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

Requirements

Minimum five years related work experience with three years experience in IT security or application development.
Undergraduate degree in related field or equivalent combination of training and experience.

Nice To Haves

Preferred security certification such as ISC2 CISSP, GIAC Security, Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)

Responsibilities

Leads and conducts security assessments to measure the adequacy of existing information security controls. Identifies potential and actual system vulnerabilities, integration requirement and ramifications, and emerging strategic security needs and recommends corrective measures.
Coordinates reporting on information security risks and works with IT sub-divisions, third party partners, and business units in identifying the impact of technology implementations on IT and business unit operations.
Leads and maintains the evaluation and assessment process of in determining security requirements for data systems, networks, or websites. Identifies system issues and recommends technical security solutions. and Coordinates and leads the adoption of new security initiatives and solutions.
Leads technical support for assessments of assets, risks, and the implementation of appropriate data security procedures and products. Ensures security requirements are met during implementation.
Ensures the adequacy of development, testing and implementation processes for security plans, risk assessments, products, and control techniques.
Evaluates Vanguard technical acquisitions, infrastructure and development processes, and investigates complex potential or actual information security violations to ensure that adequate security measures are established and maintained, according to established policies.
Leads and coordinates security assessment plans, participates in the security vulnerability mitigation and acceptance process, and assists with managing vendor relationships.
Participates in special projects and performs other duties as assigned.