Technical Risk Assurance Analyst, Specialist

**About Vanguard**

Vanguard Australia has been helping investors achieve their long-term financial goals for over 20 years. Serving institutional and individual clients, and financial advisers, we offer investment solutions that are low-cost, diversified and robust through time.

With more than AUD $11 trillion in assets under management Vanguard is one of the world’s largest global investment management companies. In Australia we partner with institutional clients, financial advisers and individual investors to offer low-cost investment solutions. Our comprehensive range of managed funds, exchange traded funds (ETFs) and tailored investment solutions are built to support long-term investment success for our clients.

**Our Team & Opportunity**

Work with vendors to perform a security assessment of their information security capability to ensure adequate controls are maintained and the introduction of new security risk is avoided. Assist with BAU and adhoc work associated with the Governance Risk and Compliance (GRC) function.

The Enterprise Security and Fraud team is a highly motivated and engaged group of technical experts. They are a fun, passionate, diverse team who enjoy a challenge and a laugh.

***What you will do**
- Conducts security assessments to measure the adequacy of existing information security controls. Identifies potential and actual system vulnerabilities and emerging strategic security needs, and recommends corrective measures.
- Consults with IT sub-divisions, third party partners, and business units in defining standard consistent reporting formats and providing standard data reports.
- Participates and documents evaluation and assessment of security requirements for third parties data systems, networks, or websites.
- Leads technical support for assessments of assets, risks, and the implementation of appropriate data security procedures and products.
- Assists in the review, development, testing, and implementation processes for security plans, risk assessments, products and control techniques.
- Administers asset inventory and assessment schedules, and provides metrics on security consulting resources, assists with managing vendor relationships.
- Assist in BAU and adhoc work associated with the Governance Risk and Compliance function
- Participates in special projects and performs other duties as assigned.

**What are we looking for**
- Undergraduate degree in related field or equivalent combination of training and experience.
- Preferred security certification such as ISC2 CISSP, GIAC Security, Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)

**Specialisations that will make an impact**
- They will have led or been involved in Vendor management and/or had exposure to risk and controls frameworks.
- Additional exposure to regulators like ASIC and APRA would be beneficial

**Inclusion Statement**

Vanguard’s continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: “Do the right thing.”

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard’s core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard’s core purpose.

Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

**How We Work**

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.