Sr Vulnerability Management Analyst at Vanguard

We’re excited for a Senior Vulnerability Management Analyst to join our high-energy team – to help shape the future of Vanguard’s attack surface management and Vuln Ops. This role sits at the intersection of security risk, automation, and emerging AI‑driven capabilities. If you’re a cybersecurity professional who thrives on critical thinking, challenging yourself, and shaping how humans and machines work together to reduce risk - this role is for you!

You’ll be responsible for identifying, prioritizing, and managing vulnerabilities across Vanguard’s hybrid infrastructure – ensuring adherence to security hardening standards and integration with AI-assisted remediation tooling. The role requires strong analytical & communication skills, combined with technical and security expertise. This is a great opportunity to join a growing team – working in a fast-paced cross-functional environment to protect Vanguard and its clients from cyber security threats

Core Responsibilities (In this role you will)

• Leverage exposure assessment platforms to monitor Vanguard assets for vulnerabilities and security configuration weaknesses as part of CTEM implementation

• Automate various aspects of Vuln Ops to help defend against AI-driven threats

• Partner with the SOC, Cyber Threat Intel, Offensive Security Team, and other stakeholders to refine prioritization, to validate impact of suspected vulnerabilities, to advise owners on mitigation strategies or compensating controls, and to provide accurate & timely reporting that informs remediation progress

• Investigate false-positives and requests for risk-acceptance or risk-rating adjustment

• Shape enforcement controls & guardrails

• In zero-day events, quickly iterate through VM lifecycle – creatively handle time-sensitive escalations, develop custom reports, and perform special investigations

• Coordinate with Engineering platform team to tune scanning tools to improve visibility and to meet additional security objectives

• Focus on continuous process improvement and identify opportunities for automation, fusion of disparate sources of security findings, and consistency of remediation owner experience.

What it Takes (Qualifications)

• Minimum of 5 years related work experience required, with 2 years of experience managing vulnerabilities at scale and understanding of security frameworks

• Strong knowledge of CVSS

• Expertise in at least 1 major cloud service provider

• Prior experience automating processes

• Undergraduate degree in a related field or the equivalent combination of training & experience

• Exceptional problem-solving ability

• Solid communication skills, with the ability to influence stakeholders across various seniority levels

• Ability to own and lead cross-functional initiatives – including planning, execution, & outcome tracking

Ways to stand out:

• Demonstrated passion for continuous learning

• Experience with scripting and automation

• Experience with Aqua, Palo Alto Prisma, Wiz, Crowd Strike, Tenable Nessus, or Qualys

• Experience with Claude Code/Codex or Threat Modeling

• Experience with risk controls and interacting with internal/external audit

Special Factors Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.