Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that Vanguard leaders and crew drive faster, stronger, risk-informed decisions.
Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.
Our crew are our greatest resource - by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core.
Core Responsibilities
- Lead proactive threat hunting operations across enterprise environments, including adversary emulations, live hunts, and investigative assessments. Identify anomalous behaviors and translate findings into actionable detections.
- Apply hypothesis-driven hunting methodologies, leveraging threat intelligence, behavioral analytics, and the MITRE ATT&CK framework to identify gaps in detection and control coverage.
- Analyze telemetry across the enterprise security stack (endpoint, network, identity, cloud, email, SIEM/XDR) and pivot across datasets to identify advanced threats and hidden attacker activity.
- Identify and validate adversary techniques, mapping observed activity to ATT&CK and informing improvements to detection logic, alerting, and response workflows.
- Enhance detection engineering efforts by developing, tuning, and validating rules, analytics, and behavioral detections based on hunt findings and adversary simulations.
- Leverage scripting and automation (e.g., Python, PowerShell, KQL, SQL) to scale threat hunting activities, enrich data, and improve investigative efficiency.
- Utilize advanced analytics and AI-assisted techniques to accelerate the identification of suspicious or malicious activity.
- Collaborate across CSOC and engineering teams to validate findings, operationalize detections, and strengthen defensive capabilities.
- Produce clear and actionable reporting, including hunt reports, detection gap analyses, and executive summaries that translate technical findings into business risk and recommended actions.
- Support incident response when required, providing deep investigative expertise, threat context, and rapid escalation of critical findings.
- Mentor and guide team members, sharing threat hunting methodologies, tooling expertise, and investigative techniques to improve overall team capability and maturity.
- Continuously evaluate and improve hunt processes, tooling, and methodologies to advance threat hunting maturity and operational effectiveness.
Qualifications
- Preferred 3 - 5 years of experience in threat hunting, detection engineering, incident response, or security operations.
- Strong understanding of threat actor tactics, techniques, and procedures (TTPs) and modern attack methodologies.
- Hands-on experience with enterprise telemetry and security platforms (EDR, SIEM, network monitoring, cloud security tools).
- Proven application of the MITRE ATT&CK framework for threat detection, gap analysis, and adversary mapping.
- Proficiency in scripting and query languages (Python, PowerShell, KQL, SQL, or equivalent).
- Experience with data analysis and large-scale investigation workflows.
- Strong written and verbal communication skills, with the ability to translate technical findings into business-relevant risk.
- Experience working in cross-functional security teams (SOC, IR, Threat Intelligence, Detection Engineering).
- Relevant certifications (e.g., CISSP, GCFA, GCIH, GCDA, or equivalent) preferred.
Special Factors
Sponsorship: Vanguard is not offering visa sponsorship for this position.
About Vanguard
At Vanguard, we don't just have a mission - we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.