Information Technology Risk Advisor

**About Vanguard**

More than 45 years ago, John C. Bogle had a vision to start an investment company that did things differently. A company with no external shareholders. Where all the profits were invested back into the business and used to lower costs. Evidently, it was as bold as it was brilliant. To this day, Vanguard Group still has no external shareholders. That means no share prices to protect, and no profits to generate for outside owners.

Today, Vanguard is one of the world's largest investment management companies, serving more than 50 million investors worldwide. For more than 25 years Vanguard Australia has been supporting individual investors, financial advisers, and superannuation members to achieve their long-term financial goals.

**Our Team and Opportunity**

Information Technology, including data management and Artificial Intelligence is transforming the financial services industry, and Vanguard is on the cutting edge. Come work with a mission-driven organization committed to providing the best possible client experience.

We're hiring an experienced** Information Technology risk adviser** to join our second line Enterprise Risk Management function to partner and support our business, and help Vanguard deliver on its promise to give investors the best chance for investment success.

The Information Technology risk advisor role is a senior role who works with technology leaders to help make risk-smart decisions that balance the needs of our businesses and protect our client and company data. The Information Technology risk adviser is a critical partner to IT on all things from architecture, infrastructure and enablement, model development, model governance and validation, third party management, and more.
- Deep experience in Information Technology
- Expertise in Technology risk management
- Exceptional analytical, communication and written skills
- The ability to build deep relationships, develop others, and achieve results through executive presentation and storytelling skills.

**Core Responsibilities**
- Provides information technology risk assessment, oversight, and consulting services to technology and divisional partners based on implementing Vanguard's enterprise risk framework. You are outcome focused to deliver prioritised solutions for the business, and you provide expert level technical risk advice and direction for business partners.
- Manages the efficiency and effectiveness of information technology risk management within the business. Sets measurable goals and examines ways to raise standards, increase quality and improve the team's technical risk management efforts. Monitors progress and measures departmental success in identifying and managing risk exposure.
- Provides technical risk and architecture thought leadership and expertise. Leads and assists the business in the development, implementation, and management of short
- and long-term technical risk management strategies in accordance with department goals and objectives as well as standard risk management policies and procedures.
- Works with the business to mitigate risks and optimize process efficiency. Uses IT industry best practice knowledge to design effective controls and makes recommendations for developing new technical risk management strategies for the business. Provides consultation, facilitation, and analytical support to the divisional management team as new products, services, processes, and procedures are developed to ensure risk is properly mitigated. Identifies potential solutions and recommends development options.
- Assesses the design of existing controls and make recommendations, leverages industry best practice for improvement as needed. Understands the risk management framework and utilizes the core concepts when discussing risk exposures with the business. Identifies and advises on opportunities for continuous quality improvement of technical standards, methodologies, and technologies.
- Develops strong relationships with enterprise and divisional clients to understand their ongoing risk needs. Builds credibility as a thought partner, effectively persuades and influences others.
- Mentors and influences the business and contributes to departmental maturity initiatives.
- Participates in special projects and performs other duties as assigned.

**What it takes**
- Minimum of five years' experience in Information Technology Risk Management
- Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred as well as certificates in relevant domains (e.g. CISSP, CRISC, AWS)
- Working knowledge of regulatory frameworks related to risk and information security (e.g., CPS234, CPS230
- A good understanding of information security and technology best practice standards and guidelines (e.g., ISO 27001, NIST, iTIL)
- Solid knowledge of superannuation and investment solutions along with cloud computing (e.g., AWS, ServiceNow)

**Inclusion Statement**

Vanguard's contin