Cyber and Fraud Risk Specialist

About Vanguard

More than 45 years ago John C. Bogle had a vision to start an investment company that did things differently. A company with no external shareholders. Where all the profits were invested back into the business and used to lower costs.Evidently itwas as bold as it was brilliant. To this day Vanguard Group still has no external shareholders. That means no share prices to protect and no profits to generate for outside owners.

Today Vanguard is one of the worlds largest investment management companies serving more than50 million investorsworldwide. For more than 25 years Vanguard Australia has been supporting individual investors financial advisers and superannuation members to achieve their long-term financial goals.

AsCyber and Fraud Risk Specialistfor Vanguard Australia (VIA) you will strengthen second-line oversight of Enterprise Security & Fraud (ES&F) services. Acting as an independent challenger and advisoryoulllead risk assessments manage top cyber risks and ensure robust controls while collaborating across global teams. This highly visible role delivers real impact in protecting clients and shaping our teams strategy.

Wereseeking a candidate with strong risk managementexpertiseand broad cyber experience in areas such asDevSecOps Vulnerability Management Application Security Third-Party Security GRC and Security Awareness. Prior experience withAPRA regulations particularly CPS 234 is.

Core Responsibilities

• Provideindependent risk guidance oversight and assurance to divisional partners in line with Vanguards operational and strategic risk framework

• Lead and enhance technical cyber risk management practices within VIA setting measurable goals and driving continuous improvement

• Conduct and review cyber risk assessmentsidentifyand prioritize emerging risks and advise on control design testing and remediation

• Support the development and implementation of short- and long-term cyber risk strategies aligned with departmentalobjectivesand regulatory requirements

• Build strong relationships with divisions acting as a trusted advisor and influencing risk-aware decision-making

• Assess existing controls recommend improvements andleverageindustry best practices to strengthen cyber resilience

• Drive continuous improvement in technical standards methodologies and technologies.

• Participate in special projects and contribute to enterprise-wide risk initiatives as

Qualifications

• Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.

• Minimum of fiveyears experiencein Risk Management Cybersecurity or IT

• Certificates in relevant domains (e.g. CISSP CRISC AWS Azure etc)

• Familiarity with relevant frameworks (i.e. NIST CSF ISO 27001)

Inclusion Statement

Vanguards continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients crew (internally employees are referred to as crew) and communities is guided by one simple statement: Do the right thing.

We believe that a critical aspect of doing the right thing requires building diverse inclusive and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguards core purpose through our values.

When all crew members feel valued and included our ability to collaborate and innovate is amplified and we are united in delivering on Vanguards core purpose.

Our core purpose: To take a stand for all investors to treat them fairly and to give them the best chance for investment success.