Senior IT Auditor, Security and Privacy

Primary duties and responsibilities:

Vanguard, one of the world’s largest investment management companies and a recognized employer of choice, seeks a Senior IT Auditor to perform complex projects to help Vanguard identify and manage risk to its business and investors. Within the organization, the IT Audit Services (ITAS) team is seen as a critical line of defense for the organization. ITAS is comprised of hard-working, highly motivated, and technically skilled professionals who consistently deliver high-quality work in a dynamic environment. The team also promotes a flexible and well-balanced work environment. Senior IT auditors play a supporting role in all project phases. Individuals in this role demonstrate professional curiosity, have a continuous improvement mindset, possess the desire/aptitude to rapidly learn new skills and exemplify the highest degree of trust and integrity.

Primary Duties and Responsibilities:

  • Execute projects and audits within the domains of: Security Policy, Security Governance, Access and Authentication Management, Threat and Vulnerability Management, Security Threat Intelligence, Security Response Management, and Application Security Architecture.
  • Stay abreast of current and emerging security risks that could impact the Company.
  • Research new technologies, understand existing processes, and reference recognized standards and frameworks.
  • Interface with our project clients to identify and understand potential risk areas.
  • Contribute to the definition of final project scope.
  • Analyze documentation, process information, technical configurations, or other client provided information and document the results of conversations and analysis.
  • Clearly articulate the status and results of work performed, both orally and in written form, to internal management and the project client.
  • Develop staff auditors in audit methodology, the understanding IT process and controls, and direct some staff activities.
  • Operate effectively and with minimal supervision, within a team or independently, performing special projects and related duties, as assigned.
  • Pursue continuous professional development through company paid internal/external training, certifications and/or continuing education.
  • Identify opportunities for continuous improvement.
  • Actively participate in Vanguard’s community service activities

The Ideal Candidate Should Possess:

  • Bachelor’s Degree in Computer Science, MIS, Engineering, Information Security, or a related discipline with solid academic credentials.
  • Minimum of 3-5 years of experience, with 3+ years of recent experience as a security practitioner.
  • Strong IT Security knowledge (application security architecture, network security, IT infrastructure, data security administration, database security). Working experience and/or knowledge of web and mobile technology.
  • Familiarity with common security risk frameworks, for instance, ISO 27000, NIST, and CIS Critical Security Controls.
  • Strong conceptual thinking aptitude.
  • Strong interpersonal skills, including: written and verbal communications, willingness to assist in areas outside of direct assignments when necessary, and commitment to self-improvement and completion of team objectives.
  • Professional certification (e.g., CISSP, CISM, CompTIA, SANS, ISC2, etc.) is a plus.
  • Exposure to consulting, internal audit, compliance or other internal control functions is a plus.

Special Factors:

  • Ability to travel up to 10% annually, including domestic and limited international travel. Typical travel in this role is 0 to 5% annually.

Note: Vanguard is not offering visa sponsorship for this position. Additionally, employment is contingent on a successful drug-screening result.

Back to top