"Alerted.org

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.

Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core.

Position Overview

The Identity and Access Management (IAM) Controls Manager (TM03) is a critical leadership role reporting to the Global Head of IAM Operations. This role is responsible for overseeing the execution, transformation, and continual improvement of key IAM controls. This position is focused on ensuring operational effectiveness for key IAM operational processes and compliance with key control reports including SOX, SOC1, SOC2, and similar frameworks. The ideal candidate will be a strategic thinker and hands-on executor, driving both flawless compliance and technological innovation within the IAM controls program.

Key Responsibilities

Compliance Control Execution:

+ Lead the end-to-end execution of IAM controls, ensuring alignment with SOX, SOC1, SOC2, and other regulatory and client-facing audit requirements.

+ Oversee periodic access certifications, including management review and attestation processes for high-risk applications and sensitive data repositories.

+ Manage and perform reconciliations of access for critical business applications, ensuring accurate and complete access records.

+ Lead a program focused on timely detection and remediation of unauthorized access.

Control Transformation and Automation:

+ Assess current control execution processes, identifying opportunities to reduce manual effort and spreadsheet dependency.

+ Transform access certifications and related meta data needs from point in time, manual, and siloed reviews with stale data to a program focused on maturing the controls through accurate and complete data, automation, and a cohesive and engaging client experience focused on risk and data insights.

+ Partner with the IAM Governance, Risk, and Compliance (GRC) team to identify risk, mature existing controls and develop new controls that drive greater operational effectiveness.

+ Leverage data analytics, automation tools, and IAM technology platforms to streamline controls, improve accuracy, and enhance reporting capabilities.

+ Champion the adoption of automated workflows and continuous monitoring solutions to support compliance and audit readiness.

Manager, IAM Controls:

+ Hires, evaluates, and leads crew. Provides guidance and training as necessary to develop crew. Sets performance standards, reviews performance, and makes informed compensation decisions in accordance with all applicable Human Resources policies and procedures.

+ Leads the design, build, and deployment of identity and access management controls and governance program that is compliant with enterprise security standards and integrated with enterprise access administration infrastructure. Drives continuous improvement through automation, control optimization, and integration of scalable solutions. Works closely with senior leadership and other IT teams to align strategies and projects with business objectives.

+ Leads and oversees the implementation of changes to department policies and procedures to meet changing business needs and to achieve department objectives. Identifies opportunities to automate manual processes and strengthen control effectiveness across the IAM landscape.

+ Serves as a point of escalation for complex issues that may require management intervention. Analyzes the security impact of complex requests or incident tickets escalated by the team and either provides resolution or escalates to higher management depending on the criticality. Assesses and immediately notifies leadership of security issues or quality control events that may have an impact on business operations.

+ Works closely with external auditors to represent Vanguard and respond to audit findings. Ensures completeness and accuracy of responses and evidencing. Leads efforts to proactively remediate control gaps and streamline audit readiness through automation and improved documentation practices.

+ Maintains an active understanding of, and contributes to, the broader access management and information security discipline. Serves as thought leader across the enterprise and with external partners.

+ Participates on vendor software evaluation teams to analyze the security administration features and impacts of each package or release. May help define requirements, log issues and test upgrades and new releases.

+ Participates in special projects and performs other duties as assigned.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.