Insider Threat Senior Technical Analyst

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.

Responsibilities:

• Investigate and respond to incidents involving insider threats, by collecting and analyzing relevant user and system data to determine scope and impact of incidents.

• Utilize specialized security tools and technologies to detect and analyze anomalous behavior to ensure the integrity and protection of enterprise assets through technical enforcement of organizational security policies.

• Responsible for writing advanced correlation searches in SIEM and building out dashboards and alerts for identification and detection of insider activity.

• Develop and implement UEBA use cases in SEIM for identification and detection of insider activity.

• Conduct comprehensive risk assessments to identify potential insider threats within the enterprise and develop strategies for risk mitigation.

• In-depth analysis of information received from various data sources: assemble, correlate, evaluate and assess information concerning internal risk to enterprise information and resources, crew, and networked systems.

• Proactively identify activity data trends indicative of internal threat and support internal threat hunting activities. 

• Provide forensic analysis and investigative support to internal and external business partners (HR, Legal, Fraud, Global Security and Compliance).

• Contribute to the development of policies, procedures, and standards to maintain optimal security controls across the enterprise.

• Assist in review and development of reports, policies, plans, and other documentation as required to meet objectives of the program. 

• Collaborate with a variety of stakeholders to drive appropriate outcomes and mitigate internal risk and threats to Vanguard crew, information, and resources.

• Mentor junior team members to improve their technical acumen.

Qualifications:

• Advanced SIEM knowledge and experience required. Ability to write complex query searches, correlation searches, build dashboards and alerting for the identification and detection of insider activity.

• Experience with the following technologies: UEBA, Risk Weighting, DLP, and EDR.

• Minimum of eight years related work experience.

• Undergraduate degree or equivalent combination of training and experience required. 

• Obtain CISSP within one year of hire.

Specializations that will make an impact:

• Excellent analytical and problem-solving skills with the ability to draw inferences and conclusions from large data sets used to determine incident root cause. 

• Ability to communicate technical concepts to a wide variety of business areas and technical backgrounds.

• Experience with following technologies; DLP, SIEM, EDR, UEBA.

• Awareness of information security principles, theories, techniques, practices, and procedures

• Maintain the highest level of integrity due to constant exposure to sensitive information.

• Able to work independently and as part of a team.

• CISSP, GCIH highly preferred.

• Strong written and oral communication skills.

Additional Details:

Rotational On-call Responsibilities required.  This is based in our Dallas location.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don’t just have a mission—we’re on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients’ lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

Our commitment to diversity, equity, and inclusion

Vanguard’s commitment to diversity, equity, and inclusion (DEI) is central to our ability to deliver on our mission. We aspire to create a work environment that is inclusive, equitable, and diverse—one that enables our employees, whom we call crew, to thrive and bring their best selves to work every day on behalf of our clients.

Cultivating DEI lifts our entire organization, and everyone shares accountability for our progress—from our senior leaders who lay the foundation and set the example for inclusive behaviors to crew who are growing in their personal DEI learning experiences.

Together, we’re on a mission. We are fueled by the value of diverse voices and connected through friendships and a culture of care—for our clients, our communities, and each other.    

Vanguard’s DEI journey has no finish line. Our commitment is enduring, and we remain focused on the path ahead. To learn more about Vanguard goals and progress toward DEI, download our Diversity, Equity, and Inclusion Report.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.