Global Security Controls & Compliance Lead responsible for regulatory assurance in physical security across Vanguard's operations. Engage with internal and external stakeholders to ensure compliance and risk management.
Responsibilities
Acts as the enterprise authority for physical security control governance, providing interpretation, oversight, and subject‑matter expertise for regulatory and assurance requirements including Sarbanes‑Oxley, SOC 1, SOC 2, SEC Regulation S‑P, FINRA, GDPR, GS007, California Privacy, and related frameworks, as applicable to physical security.
Owns the development, maintenance, and governance of the global physical security controls framework, including associated policies, standards, and control documentation, ensuring consistency, auditability, and global applicability.
Provides authoritative guidance to physical security control owners during policy, standards, and control design discussions, ensuring regulatory intent is accurately translated into operationally feasible physical security requirements.
Serves as the primary interface for internal and external inquiries related to physical security controls, including questions from Compliance, Risk, Audit, and business partners.
Partners with Compliance, Audit, and Regional Security teams to interpret global regulatory requirements, develop enterprise physical security control policies and standards, and oversee consistent implementation across regions.
Provides input and documentation to the Head of Governance for regulator and examiner interactions related to physical security.
Advises on and reviews physical security risk assessments, control testing, and contingency planning for facilities, critical infrastructure, telecommunications capabilities, and other high‑risk assets (people, places, and processes) to validate the existence and effectiveness of safeguards.
Reviews and evaluates current and proposed policies, standards, and technical initiatives to assess their impact on enterprise physical security control effectiveness, regulatory alignment, and operational consistency.
Leads the development, implementation, and coordination of physical security controls policies, standards, procedures, and operating doctrine, interpreting enterprise policy requirements and providing clear guidance to security and business stakeholders.
Supports responses to due‑diligence activities, including RFPs, client inquiries, and assurance questionnaires, by providing accurate descriptions of physical security controls, governance practices, and oversight mechanisms.
Participates in enterprise and security‑led initiatives that require physical security governance expertise and performs related duties consistent with the role’s scope and authority.
Enforce compliance with this Enterprise Data Governance Policy and associated standard(s) within their respective domains.
Maintain metadata for critical data including but not limited to documentation of approved Authoritative Data Sources.
Requirements
Five+ years of related work experience in security audit or security controls.
Bachelor’s degree or equivalent combination of education and experience; degrees in security management, risk management, or related disciplines preferred.
Demonstrated experience translating regulatory and assurance requirements into physical security controls and governance artifacts.
Change management or governance‑related certifications (e.g., Prosci, ISO, ASIS) preferred, as appropriate to role scope.
Cybersecurity Consultant involved in deploying security tools and supporting compliance projects in Andorra. Working with cross-functional teams to enhance cybersecurity measures and documentation.
Microsoft Success Manager helping partners grow secure, scalable Microsoft practices across ANZ. Championing Microsoft security solutions and supporting partner success strategies in the region.
Assistant AVP overseeing a 5-member team for Access Management services in Pune and Mumbai, ensuring high standards of service delivery and compliance.
Own global security systems infrastructure for QVC, managing access control and networked security systems across multiple regions. Collaborate with IT to ensure security and technology initiatives meet organizational needs.
Sales Account Manager growing ADAPTIT Cybersecurity business in Greece and Cyprus. Responsible for client relations, sales pipeline, and collaboration with the cybersecurity team.
Information Security Engineer focusing on Identity & Access Management and SSO at Westfield. Design, operate, and mature enterprise authentication and federation capabilities.
Cyber Security Engineer responsible for operational support and development activities with Ping Identity. Collaborate with global teams to strengthen cybersecurity and improve customer satisfaction.
Application Security Specialist focusing on security in software development lifecycle at Insight Investment in Manchester, driving DevSecOps practices across teams.
Cyber Security Engineer supporting mission-critical DoD contract at CACI. Involves reviewing infrastructure changes and implementing security measures in a cloud-based environment.
Security Incident Management Analyst coordinating information security incidents. Overseeing cyber incident response and providing guidance to senior management within a leading industrial software company.