Senior Cloud Security Architect, IAM Cloud

Global Risk and Security (GR&S) at Vanguard enables business strategy protects client and Vanguard interests (e.g. assets and data) and stewards a strong risk culture. Our teams leverage enterprise-wide insights deep expertise and trusted advice so that across Vanguard leaders and crew drive faster stronger risk-informed decisions.

Within GR&S the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew property data and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged passionate and diverse talent expected to continuously learn and develop in an ever-changing security landscape.

Our crew are our greatest resource by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care work-life balance and an investment in your future at its core.

Core Responsibilities

• Define and evolve cloud IAM architecture across authentication authorization federation and identity governance.
• Own and drive the enterprise cloud IAM strategy including modern authentication nonhuman identities and emerging AI use cases.
• Lead cloud security architecture reviews and influence engineering roadmaps toward secure scalable outcomes.
• Design and implement cloud-native IAM patterns including least privilege policyascode workload identity conditional access and servicetoservice authentication.
• Establish and enforce IAM guardrails for Infrastructure as Code (IaC) using automated policy controls.
• Streamline secure access workflows through standardized roles selfservice access and efficient onboarding.
• Monitor and reduce identity-related risk (excessive permissions misconfigurations toxic access paths) and translate insights into architectural improvements.
• Define and align policy-driven privileged access controls across cloud platforms applications and CI/CD pipelines.
• Partner with cloud engineering DevSecOps security and risk/compliance teams to ensure alignment with enterprise security and regulatory standards.

Qualifications

• 8 years of experience in IAM Cloud Security Security Architecture or related enterprise IT roles including 3 years as a technology/security architect
• Bachelors degree or equivalent combination of education and experience
• Experience leading technical initiatives (people or matrix leadership)
• Multicloud IAM expertise (AWS Azure GCP OCI)
• Background in regulated environments (financial services preferred) with exposure to SOX SOC GDPR DORA
• Certifications preferred: CISSP (preferred) GSEC CISM CCSP and/or cloud provider certifications

Special Factors

Sponsorship

About Vanguard

At Vanguard we dont just have a missionwere on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members designed to capture the benefits of enhanced flexibility while enabling in-person learning collaboration and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.