information security specialist London, England
Job description
Bringing Vanguard’s mission to life
At Vanguard we strive to take a stand for all investors, to treat them fairly and give them the best chance for investment success. That’s our mission statement, and we live and breathe it every single day. In Europe, as we pursue our mission, we are guided by our three enduring business objectives: to deliver superior client outcomes, earn a risk-adjusted return, and create an environment where all crew can thrive. We do so all while living our values of Care, Inclusion, Curiosity and Excellence.
The Head of Information Security leads a team which conducts the following practices for all European entities: information security governance, risk and compliance, cyber assurance, data protection, threat intel and red team.
The Role:
- Hires, evaluates, and supervises crew. Provides guidance and training as necessary to develop crew. Sets performance standards, reviews performance, and makes informed compensation decisions in accordance with all applicable Human Resources policies and procedures.
- Leads the development and implementation of the system-wide cyber governance, risk and compliance management function of the information security program to ensure information security risks are identified and monitored.
- Manages customer and regulator enquiries about cyber risk posture.
- Leads security assessments to measure the adequacy of existing information security controls. Conducts maturity assessments, identifies potential and actual system vulnerabilities, emerging strategic security needs and recommends corrective measures.
- Ensures that the enterprise has an appropriate level of review and key controls, and that key controls are designed and operating effectively in accordance with established standards. Influences decision-making across divisions, negotiates internally, and impacts outcomes and functional direction.
- Collaborate with internal stakeholders to proactively identify security gaps and develop strategies to mitigate potential risks.
- Conduct comprehensive threat intelligence analysis to identify emerging threats, vulnerabilities, and potential risks to the organization.
- Foster partnerships and maintain relationships with external entities, such as law enforcement agencies and industry peers, to share threat intelligence and best practices.
- Manage the planning, execution, and reporting of red team assessments and penetration tests to evaluate the organization's security posture.
- Collaborate with cross-functional teams to develop a comprehensive data protection strategy, assess data security risks, classify data assets, and establish appropriate data protection measures based on regulatory requirements and industry best practices.
- Participates in special projects and performs other duties as assigned.
What it takes:
- Minimum of 10 years related work experience. With at least 5 years leading information security within a regulated financial services environment
- Strong management and leadership skills, with an ability to focus and set clear priorities and eliminate barriers.
- Proven success in establishing strong relationships and working across all functions within an organization.
- Excellent analytical and problem-solving skills, with the ability to interpret complex data and provide actionable recommendations.
- Strong leadership abilities with experience in managing and mentoring a team.
- A passion for staying updated on the latest cybersecurity trends, threats, and best practices.
- Excellent communication and presentation skills, with the ability to effectively communicate complex security concepts to technical and non-technical audiences.
- Proven experience in threat intelligence analysis, including deep understanding of cyber threats, threat actors, and attack vectors.
Desirable Requirements
- Financial Services and/or supervisory experience preferred
- Professional certifications such as CISSP, CISM, CEH, or similar.
Special Factors
- This position is hybrid and would require you to be local to our London office.
About Vanguard
We are Vanguard. Together, we’re changing the way the world invests.
For us, investing doesn’t just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you get so much more in return. We invest with purpose—and that’s how we’ve become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.
We want to make success accessible to everyone. This is our opportunity. Let’s make it count.
Inclusion Statement
Vanguard’s continued dedication to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: “Do the right thing.”
We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard’s core purpose through our values.
When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose. Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
