Sr Vulnerability Management Analyst

See belowWe’re excited for a Senior Vulnerability Management Analyst to join our high-energy team – to help shape the future of Vanguard’s attack surface management and VulnOps. This role sits at the intersection of security risk, automation, and emerging AI‑driven capabilities. If you’re a cybersecurity professional who thrives on critical thinking, challenging yourself, and shaping how humans and machines work together to reduce risk - this role is for you!You’ll be responsible for identifying, prioritizing, and managing vulnerabilities across Vanguard’s hybrid infrastructure – ensuring adherence to security hardening standards and integration with AI-assisted remediation tooling. The role requires strong analytical & communication skills, combined with technical and security expertise. This is a great opportunity to join a growing team – working in a fast-paced cross-functional environment to protect Vanguard and its clients from cyber security threatsCore Responsibilities (In This Role You Will)Leverage exposure assessment platforms to monitor Vanguard assets for vulnerabilities and security configuration weaknesses as part of CTEM implementationAutomate various aspects of VulnOps to help defend against AI-driven threatsPartner with the SOC, Cyber Threat Intel, Offensive Security Team, and other stakeholders to refine prioritization, to validate impact of suspected vulnerabilities, to advise owners on mitigation strategies or compensating controls, and to provide accurate & timely reporting that informs remediation progressInvestigate false-positives and requests for risk-acceptance or risk-rating adjustmentShape enforcement controls & guardrailsIn zero-day events, quickly iterate through VM lifecycle – creatively handle time-sensitive escalations, develop custom reports, and perform special investigationsCoordinate with Engineering platform team to tune scanning tools to improve visibility and to meet additional security objectivesFocus on continuous process improvement and identify opportunities for automation, fusion of disparate sources of security findings, and consistency of remediation owner experience.What It Takes (Qualifications)Minimum of 5 years related work experience required, with 2 years of experience managing vulnerabilities at scale and understanding of security frameworksStrong knowledge of CVSSExpertise in at least 1 major cloud service providerPrior experience automating processesUndergraduate degree in a related field or the equivalent combination of training & experienceExceptional problem-solving abilitySolid communication skills, with the ability to influence stakeholders across various seniority levelsAbility to own and lead cross-functional initiatives – including planning, execution, & outcome trackingWays to stand out:Demonstrated passion for continuous learningExperience with scripting and automationExperience with Aqua, Palo Alto Prisma, Wiz, CrowdStrike, Tenable Nessus, or QualysExperience with Claude Code/Codex or Threat ModelingExperience with risk controls and interacting with internal/external auditSpecial FactorsSponsorshipVanguard is not offering visa sponsorship for this position.About VanguardAt Vanguard, we don't just have a mission—we're on a mission.To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.How We WorkVanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.