Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Why Vanguard? At Vanguard, we are committed to fostering a culture of security and innovation. As the Technical Lead of External Attack Surface Management (EASM), you will play a crucial role in protecting our organization and contributing to our mission of providing world-class investment services.

Why the Global Enterprise Security Organization?

We are committed to fostering a culture of security and innovation. As the Technical Lead of EASM, you will partner closely with a team of seasoned leaders that are passionate about cyber security, our community, and protecting Vanguard’s clients.

Key Responsibilities:

• Technology Implementation & Management: Implement and manage EASM & SSPM technologies, ensuring they are effectively integrated and utilized.

• Process Development: Develop and implement critical processes to enhance our security posture.

• Reporting Capabilities: Build and maintain key reporting capabilities to provide insights into our security posture.

• Collaboration: Work closely with cross-functional teams to integrate tools and address identified vulnerabilities.

• Reporting: Prepare and present comprehensive reports on the organization's posture.

• Technical Guidance: Provide technical leadership and guidance to both crew and contractors within the team.

Required Skills & Qualifications:

• Minimum of five years of Vulnerability Management, CSOC, or similar work experience required, with two years’ experience in attack surface management preferred.

• Robust technical capabilities and a security-focused mindset.

• Familiarity with Vulnerability Management and Risk Management processes.

• Proven experience in application management and robust process development.

• Strong relationship-building skills and the ability to communicate effectively, both written and verbally.

• Strong analytical and problem-solving skills.

• Experience in scripting (ex: Python) and API usage.

• Familiarity with scrum, kanban, and agile methodologies.

• Demonstrated ability to manage complex projects on tight timelines.

Preferred Qualifications:

• Familiarity with Attack Surface Management or SaaS Security Posture Management.

• Familiarity with EASM (Censys, Xpanse, Qualys CSAM, etc.) and/or SSPM tools (AppOmni, Adaptive Shield, Obsidian).

• Relevant certifications such as CISSP.

• Experience creating actionable dashboards within data visualization tools such as Tableu or PowerBI.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.