Governance, Risk & Compliance Analyst

London, GBR

Recommends, develops, implements, and monitors enterprise-wide information security policies, procedures, and operational guidelines. Researches and develops solutions for information security issues and promotes information security awareness.

Core Responsibilities:

  • Conducts security assessments to measure the adequacy of existing information security controls. Identifies potential and actual vulnerabilities and emerging strategic security needs and recommends corrective measures.
  • Supports the development and maintenance of a portfolio of global security policies.
  • Interfaces with clients on all Information Security capabilities. Supports the review and approval of RFP responses related to security as needed and carries out vendor security assessments.
  • Supports with regulatory requirements for security, ensuring compliance.
  • Assists in the review, development, testing, and implementation processes for security plans, risk assessments, products and control techniques.
  • Participates in special projects and performs other duties as assigned.


What it takes:

  • Minimum four years related work experience. Information Security experience preferred.
  • Undergraduate degree in related field or equivalent combination of training and experience.
  • Preferred security certification such as CISM, CISA, CRISC, CISSP, or other relevant certification required as part of the role.

Special Factors

Vanguard is not offering sponsorship for this position.

How We Work

Vanguard has implemented a hybrid working model for most of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. Most teams work Tuesday-Thursday in the office, but for some jobs we need our crew to be in Monday-Friday. We will discuss the working pattern for your role during the interview process.

About Vanguard

Vanguard is an investment company unlike any other. It was founded by Jack Bogle in the US in 1975 on a simple but revolutionary idea: that an investment company should manage its funds solely in the interests of its clients.  Jack helped bring investing to the masses with the index fund. Index funds do not pick individual shares or bonds to beat the market. They track the performance of the entire market.  Or as Jack put it, "Don't look for the needle in the haystack. Just buy the haystack!”.  We have stood for low-cost, uncomplicated investing ever since. Over the last 45 years people have come round to our way of thinking and more than 30 million investors worldwide now trust us with their money.

Inclusion Statement

Vanguard’s continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: “Do the right thing.”

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard’s core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose: to take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: CISA CISM CISSP Compliance CRISC Governance RFPs Risk assessment Security assessment Vulnerabilities

Perks/benefits: Career development

Region: Europe
Country: United Kingdom
Job stats:  31  6  2

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.