Senior Manager IT Security Audit

Vanguard's Global Technology Audit Services team has an IT Security Audit Senior Manager position available in our Security and Privacy Audit team in Malvern, PA. You will lead a team of highly engaged employees and build relationships in Vanguard's IT space. You'll offer your IT security knowledge; (cloud security, security frameworks ie: ISO 27000, NIST, and CIS Controls) and work with the team to execute assurance and advisory engagements within Policy and Governance, Architecture and Engineering, Application Security, Web and Mobile Security, Infrastructure Security, Access Management, Threat and Vulnerability Management, Security Monitoring, Incident Response, and Cloud Security domains. Exposure to Audit, risk and controls expertise is preferred.

In this role you will:

  • Influence senior leaders to take action to strengthen the control environment and make process improvements. By cultivating positive and effective working relationships with these aligned business areas, and risk partners, you'll further drive Internal Audit's position as a trusted advisor.
  • Assist the Audit Director in crafting key messages and communications for senior management and other governance bodies, including: objectives of an engagement, status and results of assigned work, and audit and advisory findings, ratings, and recommendations.
  • Leverage data analytics to support engagements, both to enhance scoping and strengthen recommendations.
  • Train, develop and motivate employees so they can achieve their personal, departmental, and organizational objectives.
  • Deliver high quality, impactful, and timely results. To drive continuous improvement, you'll participate and, at times, lead team, departmental and/or divisional projects to effectively deliver on operational and strategic goals.
You will be a true partner to our business: working side by side with aligned departments in an agile setting. You'll offer deep analysis of the businesses processes, determine levels of associated risk, and evaluate controls to ensure adequacy within the security and privacy domains. During the planning, testing, reporting, and follow-up steps of the audit process, you'll provide proactive consultation and identify opportunities for improvement that allow business groups to achieve operational and strategic goals.

What it takes:

  • Undergraduate degree in a related field of concentration or equivalent combination of training and experience. Professional certification or advanced degree (e.g., CISSP, CISM, CompTIA, SANS, ISC2, etc.) is a plus.
  • Strong IT security knowledge with eight to eleven years of experience within the industry with four years in a people leadership role.
  • Working experience with common security risk frameworks, for instance, ISO 27000, NIST, and CIS Critical Security Controls.
  • Working experience and/or knowledge of web and mobile technology.
  • Experience in audit, risk, or controls (i.e. operational audits, security assessments, internal audits, advisory/consulting, controls/compliance/legal) with four or more years of previous project management experience preferred.
  • Ability to present findings and industry insights to senior leaders across the company.
  • Strong conceptual thinking aptitude and ability to persuade and influence others.
  • Demonstrated ability to work in a complex, dynamic, and fast-paced environment with strong inherent project execution skills, including: prioritizing tasks, balancing workload between multiple projects, anticipating next steps, adapting to changing situations and project scope.
  • Strong interpersonal skills, including: written and verbal communications, willingness to assist in areas outside of direct assignments when necessary, and commitment to self-improvement and completion of team objectives.
  • Experience in situations requiring diplomacy.
  • Strong negotiation skills.
  • Excellent relationship skills and client focused mindset.


Back to top