Jobs · Legal · Texas

Governance, Risk & Compliance Analyst, Specialist

Vanguard · Dallas, TX · 2 days ago
HybridLegalFull-time

About the role

You will lead the modernization, rewriting, and ongoing management of cybersecurity policies and standards. You will develop clear, actionable, and audit-ready requirements that align to enterprise risk, regulatory, and control expectations while helping teams understand and comply with security governance requirements.

Responsibilities

  • Develop and maintain enterprise security requirements
  • Strengthen alignment between policies, controls, risks, and regulatory obligations
  • Partner with stakeholders to deliver practical, audit-ready solutions
  • Evaluate the effectiveness of application and system software, equipment, and related capabilities and performance characteristics
  • Support the development and maintenance of a portfolio of global security and fraud policies and standards
  • Maintain the lifecycle of the portfolio
  • Oversee management and decisions related to methodology and policy for all Security and fraud functions
  • Advise key stakeholders and security policy owners during policy and standards discussions
  • Interface with clients on all inquiries related to Information and IT Security and fraud capabilities
  • Support the development and maintenance of a portfolio of global security and fraud policies and standards
  • Monitor and maintain the lifecycle of the portfolio
  • Work with Compliance and Regional Security and Fraud teams to understand global regulatory requirements, develop global and regional policies and standards, and oversee implementation
  • Interface with external regulators for Information and IT Security and Fraud
  • Review and analyze current and proposed policy and standards directives and IT technical issues which may affect the implementation of Information Security and Fraud across the enterprise
  • Recommend, develop, implement, and coordinate new security policies, standards, controls, and operating doctrine at all levels across the company
  • Interpret policy relating to Vanguard information security and fraud functions and provide guidance, as required
  • Define and implement automations to accelerate delivery and improve effectiveness
  • Define and implement data-driven approaches and dashboards to predict risk issues, develop solutions, and partner with key owners and stakeholders
  • Design, implement, and support modernized GRC process and tool capabilities
  • Participate in special projects and perform other duties as assigned

Qualifications

  • Seven years related work experience, Information Security or fraud experience required
  • Undergraduate degree or equivalent combination of training and experience
  • In-depth knowledge of relevant frameworks and standards (i.e., NIST CSF, NIST 800-53, CIS Controls, ISO 27002) and financial services industry cyber regulations and guidelines, and considered an expert in the domain
  • Demonstrated experience with GRC solutions platform and automation capabilities
  • Excellent communication and influencing skills
  • Influence key stakeholders and security policy and control owners
  • Professional certification (CISSP, CISM, CompTIA, SANS, ISC2) preferred

Similar jobs