Insider Threat Management Technical Lead

    • Vanguard
  • Dallas, TX
  • Posted 36 days ago | Updated 2 hours ago


On Site
Full Time


IT management
Use cases
Risk assessment
Risk management
Security controls
Problem solving
Information security
Regulatory Compliance
Analytical skill
Value engineering

Job Details

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly-engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.

In this role, you will:
  • Investigate and respond to incidents involving insider threats, by collecting and analyzing relevant user and system data to determine scope and impact of incidents.
  • Utilize specialized security tools and technologies to detect and analyze anomalous behavior to ensure the integrity and protection of enterprise assets through technical enforcement of organizational security policies.
  • Responsible for writing advanced correlation searches in SIEM and building out dashboards and alerts for identification and detection of insider activity.
  • Develop and implement UEBA use cases in SEIM for identification and detection of insider activity.
  • Conduct comprehensive risk assessments to identify potential insider threats within the enterprise and develop strategies for risk mitigation.
  • In-depth analysis of information received from various data sources: assemble, correlate, evaluate and assess information concerning internal risk to enterprise information and resources, crew, and networked systems.
  • Proactively identify activity data trends indicative of internal threat and support internal threat hunting activities.
  • Provide forensic analysis and investigative support to internal and external business partners (HR, Legal, Fraud, Global Security and Compliance).
  • Contribute to the development of policies, procedures, and standards to maintain optimal security controls across the enterprise.
  • Assist in review and development of reports, policies, plans, and other documentation as required to meet objectives of the program.
  • Collaborate with a variety of stakeholders to drive appropriate outcomes and mitigate internal risk and threats to Vanguard crew, information, and resources.
  • Mentor junior team members to improve their technical acumen.
What it takes:
  • Advanced SIEM knowledge and experience required. Ability to write complex query searches, correlation searches, build dashboards and alerting for the identification and detection of insider activity.
  • Experience with the following technologies: UEBA, Risk Weighting, DLP, and EDR.
  • Minimum of eight years related work experience.
  • Undergraduate degree or equivalent combination of training and experience required.
  • Obtain CISSP within one year of hire.
Specializations that will make an impact:
  • Excellent analytical and problem-solving skills with the ability to draw inferences and conclusions from large data sets used to determine incident root cause.
  • Ability to communicate technical concepts to a wide variety of business areas and technical backgrounds.
  • Experience with following technologies; DLP, SIEM, EDR, UEBA.
  • Awareness of information security principles, theories, techniques, practices, and procedures
  • Maintain the highest level of integrity due to constant exposure to sensitive information.
  • Able to work independently and as part of a team.
  • CISSP, GCIH highly preferred.
  • Strong written and oral communication skills.
Additional Details:

Rotational On-call Responsibilities required. This is based in our Dallas location.

Special Factors


Vanguard is not offering visa sponsorship for this position.

About Vanguard

We are Vanguard. Together, we're changing the way the world invests.

For us, investing doesn't just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you can get so much more in return. We invest with purpose - and that's how we've become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.

We want to make success accessible to everyone. This is our opportunity. Let's make it count.

Inclusion Statement

Vanguard's continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: "Do the right thing."

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard's core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose.

Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.