Enterprise Security Governance Analyst

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.

Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core.

Responsibilities

Governance Execution and Sustainment

• Executes assigned components of Global Physical Security governance programs, including documentation development, updates, evidence collection, control support activities, and remediation tracking.
• Supports the creation, application, and maintenance of enterprise security policies, standards, controls, procedures, and governance reporting.
• Maintains governance artifacts, templates, and process documentation in alignment with ASIS, ISO, regulatory, and other best‑practice guidance.

Document Lifecycle Management

• Maintains document lifecycle hygiene for assigned governance artifacts, including version control, scheduled review tracking, updates, and publication readiness.
• Ensures documentation accuracy, consistency, and accessibility to support audits, assurance activities, and leadership reporting.

Assessment Support and Data Analysis

• Supports governance and program assessments through structured reviews of security practices, physical security configurations, access control processes, threat management documentation, and related activities.
• Performs data validation, analysis, and tracking to support program transparency, issue identification, and progress monitoring.

Control Execution and Quality Assurance

• Supports execution of assigned security controls, including evidence validation, control testing support, and tracking of control effectiveness over time.
• Supports quality assurance activities by identifying inconsistencies, documentation gaps, or execution issues and escalating as appropriate.

Operational Reporting

• Prepares dashboards, metrics, and governance reports that communicate program status, risks, and remediation progress.
• Supports recurring governance reporting cycles and standing governance routines.

Planning, Training, and Exercises Support

• Drafts and maintains security plans, annexes, procedures, and playbooks under direction of governance leadership or specialists.
• Develops exercise products, including situation manuals, exercise plans, after‑action reports, and improvement plans.
• Supports exercise execution activities, including coordination, documentation during exercises, and tracking of improvement actions.
• Supports training governance activities, including maintenance of training materials, tracking of completion, and documentation of training effectiveness.

Cross‑Functional Coordination

• Coordinates with domestic and international stakeholders, including security teams, facilities, cyber, operational risk, and regulatory partners, to support governance execution and information gathering.
• Supports scheduling, data requests, and logistics associated with governance routines and reviews.

Issue Tracking and Escalation

• Tracks remediation activities and follow‑up actions.
• Escalates issues, risks, or execution gaps in accordance with established governance processes.

Special Assignments

• Contributes to maturity assessments, operational improvement initiatives, and modernization efforts as assigned.

Qualifications

• 5 years of experience in security management, physical security, emergency management, threat assessment/risk management, business continuity, or related disciplines.
• Strong organizational skills with demonstrated experience managing detailed workstreams and recurring activities.
• Strong written communication skills, including drafting plans, policies, procedures, playbooks, checklists, project documentation, and exercise materials.
• Broad experience developing exercise products, including situation manuals, exercise plans, after‑action reports, and improvement plans, preferred.
• Knowledge and experience with incident command systems and effective crisis management response processes.
• Undergraduate degree required or equivalent combination of training and experience.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.