Information Security Specialist
- London, United Kingdom
Join Vanguard Europe and help us in our mission: to take a stand for all investors, treat them fairly, and give them the best chance for investment success. Here, you can be a part of a culture that promotes teamwork, integrity and doing the right thing for our clients and our crew!
We are looking for an Information Security Specialist to join our Fraud, InfoSec and Europe Security team and you will be responsible for the following duties;
- As a technical authority, work with the wider Information Security Teams, to support individual Business clients including IT sub-divisions, third party partners, and the business units. Including, in relation to the security of business applications and systems for the purpose of evaluating their effectiveness at meeting defined security requirements, determining integration requirements and identifying ramifications on IT and business unit operations of their implementation.
- Maintain Information Security compliance with regulatory requirements and expectations and ensure improvement opportunities are fully identified, progressed and tracked to resolution.
- Ensure that good governance is maintained and supported with a top down approach, including, identifying and preparing meaningful Information Security management information and reporting.
- In conjunction with Business relationship owners, support and maintain local Europe involvement in the information security assessment assurance process for Third-Party Risk Management security. Likewise, ensure that oversight of internal outsourced services is maintained locally in line with regulatory expectations.
- Identify and maintain a list of client information assets and ensure that they are adequately secured and mapped to the technology infrastructure.
- Provide local Europe participation in security assessment process improvements.
- Consolidate and leverage existing programs to ensure that processes are in place to identify, manage, monitor and report emerging threats and issues specific to the European business.
- Identify and adapt existing enterprise information security communication practices and techniques for the delivery of Information Security awareness and education in Europe.
- Ensure the adequacy of existing information security controls, identify actual and potential system vulnerabilities and recommend corrective measures. Identify emerging strategic security needs and makes recommendations to resolve issues prior to their fruition.
- Support Security Assessment plans. Work with Third Party Security Management (TPSM) team and Platform Security Coordinators (PSC), third party relationship owners and external consultants to schedule and undertake various types of security assessments for the European Business. Document and distribute assessment reports.
- Conduct security assessments, risk analyses and assess contingency plans for Vanguard Business Applications, systems, and partners to verify existence and effectiveness of safeguards.
- Participate in the identification of technical security solutions, and coordinate and lead adoption of new security initiatives and solutions in line with recognised practices and processes.
- Investigate complex potential or actual information security violations or incidents and identify areas or issues requiring IT security-related research and development efforts. Conduct intense analyses and evaluation of technical and administrative security measures which may not have clear precedents.
- Participate in information security incident and event management and resolution.
- Create and maintain Information security champion network for Europe.
What it takes
- Undergraduate degree or equivalent combination of training or experience required in Computer. Sciences preferred.
- CISSP, CISM, GIAC, CIS Critical Security Controls, (GSEC), GIAC Certification.
- Penetration Tester Certification (GPEN), or similar preferred.
- Comprehensive knowledge of ISO 27001/02 and NIST Cybersecurity Framework.
- Extensive experience in a Cyber / IT Security Management role essential, including business systems and control systems.
- Experienced in delivering cyber security knowledge and awareness programs to staff, contractors and 3rd parties.
- Track record practicing continuous improvement methodologies, desirable
- Demonstrated excellent professional, communication, interpersonal, and influence skills.
- As applicable, completion of required Vanguard security training for the relevant assessments.
- We will not be providing sponsorship for this vacancy
We are Vanguard. Together, we're changing the way the world invests.
For us, investing doesn't just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you can get so much more in return. We invest with purpose - and that's how we've become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.
We want to make success accessible to everyone. This is our opportunity. Let's make it count.
Vanguard's continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: "Do the right thing."
We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard's core purpose through our values.
When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose.
Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.
INTERNAL AND DIRECT APPLICATIONS ONLY
Please note, current suppliers and potential suppliers are not permitted to communicate with or contact or send or otherwise provide any speculative resumes to any department, business unit, subsidiary or affiliate of Vanguard, or any employee thereof, at any time unless expressly instructed or permitted by a member of Vanguard's HR department. For the avoidance of doubt, Vanguard will not pay any fees to a supplier or potential supplier in respect of any candidate unless Vanguard has either requested the referral or given its prior written consent to the referral. If you would like to partner with Vanguard Europe, please contact firstname.lastname@example.org
Back to top