Senior Security GRC Analyst ensuring cybersecurity control compliance at Lambda, a leader in AI cloud infrastructure. Validate security practices against various frameworks and manage IT Risk Register.
Responsibilities
Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives
Manage the IT Risk Register, including risk identification, tracking, and prioritization.
Assist with and drive remediation of control deficiencies and gaps
Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.)
Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting
Assist with the Customer Trust program, which may include managing customer assessments and security questionnaires
Assist control owners with root cause analysis and track risk management action plan progress.
Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings
Requirements
Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements
Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks
Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations
Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives
Benefits
Health, dental, and vision coverage for you and your dependents
Wellness and commuter stipends for select roles
401k Plan with 2% company match (USA employees)
Flexible paid time off plan that we all actually use
Global Security Controls & Compliance Lead responsible for regulatory assurance in physical security across Vanguard's operations. Engage with internal and external stakeholders to ensure compliance and risk management.
Manager leading physical security investigations and employee prescreening at Vanguard. Collaborating with internal and external stakeholders to ensure safety and compliance in a corporate environment.
Global Security Governance Planning Lead responsible for security planning and governance frameworks at Vanguard. Overseeing compliance and operational readiness across regions while ensuring collaborative stakeholder engagement.
Enterprise Security Governance Analyst executing governance programs and supporting security assessments at Vanguard. Engaging with cross-functional teams and maintaining documentation for physical security governance.
Investigate physical security concerns using OSINT methodologies at Vanguard. Conduct research, document findings, and support prescreening workflows across multiple locations.
Database Security Engineer responsible for implementing security systems at AIG. Protecting and maintaining the integrity of data while ensuring compliance with security standards.
Senior Cloud Security Engineer (GCP) improving security posture at fintech BUX. Strengthening security practices while collaborating with engineering teams in Amsterdam's hybrid environment.
Lead Performance Engineer seeking to drive performance excellence across IAM applications for RBC. Own the complete performance testing lifecycle, ensuring systems meet performance standards.
Security Compliance Operation Manager at a mobility AI company focusing on software-defined vehicle development. Responsible for policy establishment, compliance support, and system security management.