- The Finance division is home to Vanguard’s experts in Corporate Financial Services, Fund Financial Services, Internal Audit and the Finance Transformation Program. Our crew are high caliber professionals who provide financial and decision support leadership to all businesses at Vanguard across the globe. Integrity is key – as stewards of fund assets and Vanguard’s assets, we must protect data, mitigate risk, stay competitive, and proactively establish business initiatives, all while returning value to clients. Vanguard’s Finance division is a talent destination for exceptional financial minds looking to be part of a best-in-class organization that is one of Vanguard’s most trusted voices.
- We are seeking a Senior IT Security and Privacy Auditor to help identify and manage risks to its business and investors. Within the organization, the Global IT Audit Services (GTAS) team is seen as a critical line of defense for the organization. GTAS is comprised of hard-working, highly motivated, and technically skilled professionals who consistently deliver high-quality work in a dynamic environment. The team also promotes a flexible and well-balanced work environment.
- The Senior IT auditor will manage and execute audit and advisory engagements within the following domains: Security Policy, Security Governance, Access and Authentication Management, Threat and Vulnerability Management, Security Threat Intelligence, Data Privacy, Security Response, and Application Security Architecture.
Duties and Responsibilities:
- Performs complex work for risk-based audits and advisory engagements (including research, evaluation and analysis, testing and reporting) on topics related to risk, governance, process, technology, controls, and operating practices of assigned engagements.
- Communicates with various levels of management (department and client) to discuss engagement progress and results. This includes identifying opportunities to strengthen processes/controls and related remediation efforts. Effectively builds relationships with business process owners and management.
- Participates in client discussions throughout the engagement and executes audit and advisory work, including assessment of risk and effectiveness of controls based on relevant knowledge and experience. Encourages healthy debate and collaboration among the audit team.
- Prepares and delivers high-quality internal work papers and client facing deliverables such as process/control narratives, flowcharts, testing documentation, conclusions, recommendations and audit report findings to be shared with the audit team and clients. Applies relevant industry acumen including best practices, established standards, regulatory and global impact considerations in order to provide recommendations to business management.
- Communicates expectations to auditors and provides meaningful feedback to help develop auditors by identifying and communicating areas for improvement in a timely manner. Executes the day-to-day project plan and performs detailed review of other team members’ work.
- Acts as a mentor to less experienced auditors by coaching on internal audit processes and methodology as well as business lines and supporting technology.
- Actively participates in special projects and department initiatives, as needed.
- Strong IT Security knowledge (application security architecture, network security, IT
- infrastructure, data security administration, database security). Working experience
- and/or knowledge of web and mobile technology.
- Working experience with common security risk frameworks, for instance, ISO 27000,
- NIST, and CIS Critical Security Controls.
- Professional certification (e.g., CISSP, CISM, CompTIA, SANS, ISC2, etc.) is a plus.
- Undergraduate degree in a business related field of concentration or equivalent combination of training and experience. Professional certification or advanced degree (e.g., MBA, CPA, CIA) is a plus.
- Two to four years general business experience required. Experience in audit, risk or controls (i.e. operational audits, financial statement audits, internal audits, advisory/consulting, controls/compliance/legal) preferred.
- Working knowledge of and demonstrated interest in the financial services industry.
- Demonstrated ability to function in fast paced, ambiguous environment working with multiple and diverse responsibilities.
- Strong conceptual thinking aptitude.
- Excellent time and project management and strong relationship management skills.
- Strong interpersonal skills, including: written and verbal communications, willingness to assist in areas outside of direct assignments when necessary, and commitment to self-improvement and completion of team objectives.
Sign Up to Bookmark Jobs, Keep Track of Completed Applications and Receive Recommended Jobs