Governance, Risk & Compliance Analyst, Specialist

Vanguard Group, Inc.

$80K — $110K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Five years of experience in Information Security or fraud-related fields.
  • Undergraduate degree; Computer Science preferred but not mandatory.
  • Expertise in frameworks like NIST CSF, NIST 800-53, and ISO 27002, especially within financial services.
  • Experience with GRC solutions and automation techniques.
  • Strong communication and influencing skills to engage diverse stakeholders.
  • Ability to impact policies and controls effectively.
  • Preferred certifications include CISSP, CISM, or similar.

Responsibilities

  • Serve as the expert on security for applications and systems, evaluating their effectiveness and integration needs.
  • Conduct comprehensive security and fraud assessments and risk analyses to validate safeguards.
  • Manage and maintain global security and fraud policies, ensuring compliance and effectiveness throughout their lifecycle.
  • Advise stakeholders and policy owners on security policies, acting as the main point of contact for inquiries.
  • Coordinate with Compliance and Regional teams to interpret regulations and develop related security policies.
  • Analyze current policies and directives to recommend improvements for information security.
  • Implement automated solutions and data-driven dashboards to enhance risk management processes.

Benefits

  • Comprehensive health and wellness plans.
  • 401(k) retirement savings plan with company match.
  • Generous paid time off, including vacation and sick leave.
  • Access to professional development resources and training opportunities.
  • Opportunities for career advancement within a global firm.
Full Job Description
Responsibilities
  • Works with Enterprise Security and Fraud subdivisions and business units as the technical authority regarding security of application and systems software, equipment, and related capabilities and performance characteristics to evaluate their effectiveness at meeting defined requirements, determining integration requirements and identifying ramifications on operations of their implementation.
  • Conducts security and fraud assessments, risk analyses and assesses contingency plans for to verify existence and effectiveness of safeguards.
  • Supports the development and maintenance of a portfolio of global security and fraud policies and standards. Monitors and maintains the lifecycle of the portfolio. Responsible for oversight of management and decisions related to methodology and policy for all Security and fraud functions.
  • Advises key stakeholders and security policy owners during policy and standards discussions. Interfaces with clients on all inquiries related to Information and IT Security and fraud capabilities.
  • Works with Compliance and Regional Security and Fraud teams to understand global regulatory requirements, develop global and regional policies and standards, and oversee implementation. Interfaces with external regulators for Information and IT Security and Fraud.
  • Reviews and analyzes current and proposed policy and standards directives and IT technical issues which may affect the implementation of Information Security and Fraud across the enterprise.
  • Recommends, develops, implements and coordinates new security policies, standards, controls and operating doctrine at all levels across the company. Interprets policy relating to Vanguard information security and frau functions and provides guidance, as required.
  • Defines and implements automations to accelerate delivery and improve effectiveness.
  • Defines and implements data-driven approaches and dashboards to predict risk issues, develop solutions, and partner with key owners and stakeholders.
  • Designs, implements and supports modernized GRC process and tool capabilities.
  • Participates in special projects and performs other duties as assigned.


Qualifications
  • Five years related work experience, Information Security or fraud experience required.
  • Undergraduate degree or equivalent combination of training and experience. Computer Science degree preferred.
  • In-depth knowledge of relevant frameworks and standards (i.e., NIST CSF, NIST 800-53, CIS Controls, ISO 27002) and financial services industry cyber regulations and guidelines, and considered an expert in the domain.
  • Demonstrated experience with GRC solutions platform and automation capabilities.
  • Excellent communication and influencing skills.
  • Influence key stakeholders and security policy and control owners.
  • Professional certification (CISSP, CISM, CompTIA, SANS, ISC2) preferred.

Special Factors

Sponsorship
Vanguard is not offering visa sponsorship for this position.

}

Similar Jobs

More Jobs at Vanguard Group, Inc.

More Information Technology Jobs

Find similar Governance, Risk & Compliance Analyst, Specialist jobs: