IT Security Audit Senior Manager

September 18, 2023

September 18, 2023
Wayne, PA, US

Job Requisition #155387

The Internal Audit & SOX (IAS) department has an exciting opportunity for an IT Security Audit Senior Manager in our Global Technology Audit Services (GTAS) team. This role will direct a team of auditors responsible for risk-based audit and consulting engagements within IT’s security domains including Policy and Governance, Architecture and Engineering, Application Security, Web and Mobile Security, Infrastructure Security, Access Management, Threat & Vulnerability Management, Security Monitoring, Incident Response, and Cloud Security domains.

This role is ideal for those passionate about crew development, coaching, and people leadership. It is also ideal for those adept at building strong and trusting partnerships with IT and Security leadership. As a member of the GTAS leadership team, you will be expected to bring a collaborative and development focused approach and environment to the team, working side by side with aligned departments in an agile setting. We look for individuals who have a technical understanding of IT security (cloud security, security frameworks IE: ISO 27000, NIST, and CIS Controls), can think critically and conceptually, have excellent relationship management, communication, influence, judgement, and decision-making skills.

In this role you will:

Hire, evaluate, and supervise crew. Provide guidance and training as vital to develop crew. Set performance standards, review performance, and make informed compensation decisions in accordance with all applicable Human Resources policies and procedures.
Plan, direct, and supervise audit activities for the aligned technology division(s) and functional area(s), including annual/ongoing risk assessments. Assist in resolving audit and consulting plan as well as resource needs.
Lead technology audit and consulting engagements to ensure the timely delivery of the highest quality work and value-add recommendations. May be responsible for multiple engagement teams concurrently working in a matrixed team environment. Deliver technology industry expertise and perspective to the team and business management.
Assist in developing and communicating the objectives of an engagement to audit team, departmental management and business clients. Define engagement scope, resolve level of associated risk and analyze data to determine the underlying root causes. Assess effectiveness of controls based on relevant knowledge and experience and challenge established processes and controls to ensure they are adequate to mitigate risk.
Establish and manage relationships with management across aligned technology division(s) and functional area(s) and risk partners.
Communicate the status and results of assigned work to various levels of management. Influence management to act on recommendations to strengthen the technology control environment and make process improvements.
Communicate expectations to team and provides significant feedback to help develop team members by identifying and communicating areas for improvement in a timely manner. Leverage audit teams’ skills and experience to drive collaboration and ensure work is completed accurately and timely.
Participate in special projects and performs other duties as assigned.

What it takes:

Experience leading others with demonstrated ability and passion for talent attraction, coaching, and development
Demonstrated ability to assess talent, identify strengths and areas for improvement, and provide actionable feedback
Strong IT security knowledge inclusive of web and mobile technology; working experience with common security risk frameworks (i.e., ISO 27000, NIST, and CIS Critical Security Controls)
Proven ability to work in a sophisticated, dynamic, and fast-paced environment with strong inherent project execution skills, including: prioritizing tasks, balancing workload between multiple projects, anticipating next steps, adapting to changing situations and project scope; ability to work well under deadlines
Sound decision making and problem-solving ability to apply analysis, experience, and critical thinking skills
Strong communication, relationship building, and influencing skills; team focused approach
Minimum of five years related work experience; audit, risk, or controls experience preferred; supervisory experience preferred
Undergraduate degree or equivalent combination of training and experience; IT degree or concentration preferred; graduate degree preferred
CISSP, CISM, CompTIA, SANS, ISC2 or other related professional certification preferred

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

We are Vanguard. Together, we’re changing the way the world invests.

For us, investing doesn’t just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you can get so much more in return. We invest with purpose – and that’s how we’ve become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.

We want to make success accessible to everyone. This is our opportunity. Let’s make it count.

Inclusion Statement

Vanguard’s continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: “Do the right thing.”

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard’s core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose.

Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

September 18, 2023

Wayne, PA, US

Job Requisition #155387

Transcript

The Internal Audit & SOX (IAS) department has an exciting opportunity for an IT Security Audit Senior Manager in our Global Technology Audit Services (GTAS) team. This role will direct a team of auditors responsible for risk-based audit and consulting engagements within IT’s security domains including Policy and Governance, Architecture and Engineering, Application Security, Web and Mobile Security, Infrastructure Security, Access Management, Threat & Vulnerability Management, Security Monitoring, Incident Response, and Cloud Security domains.

This role is ideal for those passionate about crew development, coaching, and people leadership. It is also ideal for those adept at building strong and trusting partnerships with IT and Security leadership. As a member of the GTAS leadership team, you will be expected to bring a collaborative and development focused approach and environment to the team, working side by side with aligned departments in an agile setting. We look for individuals who have a technical understanding of IT security (cloud security, security frameworks IE: ISO 27000, NIST, and CIS Controls), can think critically and conceptually, have excellent relationship management, communication, influence, judgement, and decision-making skills.

In this role you will:

Hire, evaluate, and supervise crew. Provide guidance and training as vital to develop crew. Set performance standards, review performance, and make informed compensation decisions in accordance with all applicable Human Resources policies and procedures.
Plan, direct, and supervise audit activities for the aligned technology division(s) and functional area(s), including annual/ongoing risk assessments. Assist in resolving audit and consulting plan as well as resource needs.
Lead technology audit and consulting engagements to ensure the timely delivery of the highest quality work and value-add recommendations. May be responsible for multiple engagement teams concurrently working in a matrixed team environment. Deliver technology industry expertise and perspective to the team and business management.
Assist in developing and communicating the objectives of an engagement to audit team, departmental management and business clients. Define engagement scope, resolve level of associated risk and analyze data to determine the underlying root causes. Assess effectiveness of controls based on relevant knowledge and experience and challenge established processes and controls to ensure they are adequate to mitigate risk.
Establish and manage relationships with management across aligned technology division(s) and functional area(s) and risk partners.
Communicate the status and results of assigned work to various levels of management. Influence management to act on recommendations to strengthen the technology control environment and make process improvements.
Communicate expectations to team and provides significant feedback to help develop team members by identifying and communicating areas for improvement in a timely manner. Leverage audit teams’ skills and experience to drive collaboration and ensure work is completed accurately and timely.
Participate in special projects and performs other duties as assigned.

What it takes:

Experience leading others with demonstrated ability and passion for talent attraction, coaching, and development
Demonstrated ability to assess talent, identify strengths and areas for improvement, and provide actionable feedback
Strong IT security knowledge inclusive of web and mobile technology; working experience with common security risk frameworks (i.e., ISO 27000, NIST, and CIS Critical Security Controls)
Proven ability to work in a sophisticated, dynamic, and fast-paced environment with strong inherent project execution skills, including: prioritizing tasks, balancing workload between multiple projects, anticipating next steps, adapting to changing situations and project scope; ability to work well under deadlines
Sound decision making and problem-solving ability to apply analysis, experience, and critical thinking skills
Strong communication, relationship building, and influencing skills; team focused approach
Minimum of five years related work experience; audit, risk, or controls experience preferred; supervisory experience preferred
Undergraduate degree or equivalent combination of training and experience; IT degree or concentration preferred; graduate degree preferred
CISSP, CISM, CompTIA, SANS, ISC2 or other related professional certification preferred

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

We are Vanguard. Together, we’re changing the way the world invests.

For us, investing doesn’t just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you can get so much more in return. We invest with purpose – and that’s how we’ve become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.

We want to make success accessible to everyone. This is our opportunity. Let’s make it count.

Inclusion Statement

Vanguard’s continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: “Do the right thing.”

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard’s core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose.

Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

Our commitment to equal employment opportunity

Vanguard is an equal opportunity employer. Vanguard is committed to providing all crew members a working environment that is free from discrimination, prejudice and bias. Through this Equal Employment Opportunity (EEO) Policy, Vanguard reaffirms its commitment to equal employment opportunity for all applicants and crew members without regard to race, color, national origin or ancestry, religion, gender, sex, sexual orientation, gender identity or expression, age, disability, marital status, veteran or military status. In addition, Vanguard prohibits discrimination based on genetic information, as well as any other characteristic protected by federal, state or local law.

Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Vanguard. Please inform careers@vanguard.com if you need assistance completing this application or to otherwise participate in the application process.