Sr. Third Party Security Assessor

Provides expert technical expertise and consultation on the development and support of all activities, processes, and tools used for assessing, validating, and ensuring the vulnerability validating and insuring the and integrity of systems, architectures, and configurations. Conducts security assessments, risk analyses and assesses contingency plans for Vanguard business applications, systems, networks, and websites.

In this role the successful candidate:

• Develops and leads security assessments to measure the adequacy of existing information security controls. Identifies and advises on potential and actual system vulnerabilities, integration requirement and ramifications, and emerging strategic security needs and recommends corrective measures.
• Leads and oversees reporting on information security risks and works with IT sub-divisions, third party partners, and business units in identifying the impact of technology implementation on IT and business unit operations.
• Leads and maintains evaluation and assessment process of security requirements for data systems, networks, or websites. Participates in identification enterprise technical security solutions, and coordinate and lead adoption of new security initiatives and solutions
• Develops and defines best practices for assessments of assets, risks, and the implementation of appropriate data security procedures and products to ensure security requirements are met. Determines integration requirements, updates security standards documents with feedback from relevant security and technology teams, identifies security gaps, and evaluates and implements enhancements.
• Validates functionality and effectiveness of development, testing and implementation processes for security plans, risk assessments, products, and control techniques. Conducts system security and vulnerability analyses and risk assessments.
• Evaluates Vanguard technical acquisitions, infrastructure and development processes, and investigates complex potential or actual information security violations to ensure that adequate security measures are established and maintained, according to established policies.
• Leads, develops, and oversees security assessment plans, participates in the security vulnerability mitigation and acceptance process, and manages vendor relationships.
• Acts as an industry expert in emerging security practices and standards. Maintains expert knowledge of industry policies and trends.
• Assists in the design and delivery of Third-Party Security related strategic initiatives.
• Participates in special projects and performs other duties as assigned.

• Minimum of eight years of direct Third-Party Security, IT Security, Cyber Security, and/or IT Audit experience.
• Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.
• At least one professional security certification such as ISC2 CISSP, GIAC Security Essentials Certification (GSEC), Certified Information Systems Auditor (CISA), etc.