Malvern, PA, USA
10 days ago
Senior Identity & Access Management Risk Advisor

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities.

As the Senior Identity & Access Management Risk Advisor, you will play a pivotal role on a new team in Technology Risk focused on enhancing line 2 oversight of Vanguard’s Enterprise Security & Fraud services. In this role you will act as an independent challenger and advisor to the IAM organization and will influence critical initiatives, execute risk assessments, manage top risks, and ensure comprehensive controls exist while collaborating with other risk partners and business units across the global organization. This is a senior position that is dynamic, highly visible, and will allow you to deliver tangible value in enhancing our ability to protect clients as well as shape our new team’s strategy and vision.

An ideal candidate is well versed in modern identity management practices with the ability to effectively analyze on-the-horizon threats to drive agile risk management. Strong communication and written skills are required to influence senior decision makers. Candidates should have experience in domains such as authentication, authorization, privileged access management, credential/key management, cloud, and risk management.

Senior Identity & Access Management Risk Advisor:

Provides risk guidance, oversight, and assurance services to enterprise and divisional partners based on the Vanguard's operational and strategic risk framework. Ensures the development and implementation of effective divisional risk controls. Provides expert level technical risk advice and direction across IAM capabilities.Leads and manages the efficiency and effectiveness of technical risk management within IAM. Sets measurable goals and examines ways to raise standards, to increase quality and to improve overall technical risk management efforts of the team. Measures departmental success in identifying and managing technical risk exposure and identifies and prioritizes existing and emerging risks and advises on appropriate control design and testing. Provides technical risk and architecture thought leadership and expertise. Leads and assists IAM in the development, implementation and management of short- and long-term technical risk management strategies in accordance with department goals and objectives, standard risk management policies and procedures, and the overall risk strategy.Works with IAM to mitigate risks and optimize process efficiency. Uses expert IT industry best practice knowledge to design effective controls and makes recommendations for developing new technical risk management strategies for the business.Provides consultation, facilitation and analytical support to the divisional management team as new products, services, processes and procedures are developed to ensure risk is properly mitigated. Identifies potential solutions and recommends development options.Develops and maintains strong relationships with enterprise and divisional clients to understand their ongoing risk needs. Acts as a thought partner to the business, and effectively persuades and influences others.Assesses the design of existing controls and make recommendations, leverages industry best practice for improvement as needed. Understands the risk management framework and utilizes the core concepts when discussing risk exposures with the business.  Identifies and advises on opportunities for continuous quality improvement of technical standards, methodologies, and technologies.Participates in special projects and performs other duties as assigned.

What it takes:

Experience with frameworks such as NIST, ISO 27001Experience with Internal Controls over Financial Reporting (ICFR), SOC1/2. SOX, GS007Experience with IAM and Security technologies such as SailPoint, Okta, modern PAM solutionsCertificates in relevant domains (e.g. CISSP, CRISC, AWS, Azure, etc)Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.Minimum of eight years’ experience in IAM, Risk Management, Cybersecurity, or IT

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

Our commitment to diversity, equity, and inclusion

Vanguard’s commitment to diversity, equity, and inclusion (DEI) is central to our ability to deliver on our mission. We aspire to create a work environment that is inclusive, equitable, and diverse—one that enables our employees, whom we call crew, to thrive and bring their best selves to work every day on behalf of our clients.

Cultivating DEI lifts our entire organization, and everyone shares accountability for our progress—from our senior leaders who lay the foundation and set the example for inclusive behaviors to crew who are growing in their personal DEI learning experiences.

Together, we’re on a mission. We are fueled by the value of diverse voices and connected through friendships and a culture of care—for our clients, our communities, and each other.    

Vanguard’s DEI journey has no finish line. Our commitment is enduring, and we remain focused on the path ahead. To learn more about Vanguard goals and progress toward DEI, download our Diversity, Equity, and Inclusion Report.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

Confirm your E-mail: Send Email