Cyber Incident Analyst

at Vanguard
Published November 16, 2022
Location Malvern, PA
Category Default  
Job Type Full-time  


Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly-engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.

The Cyber Incident Analyst will provide technical support for cyber threats and threat attack methodologies. This position collects and analyzes system data to identify, contain, mitigate, and recover from cyber security threats or incidents. Conducts research and gathers information from global threat intelligence sources, pertaining to emerging cyber threats and threat attack methodologies.

In this role you will:

* Provides intermediate to advance level monitoring of database security incidents. Assists incident response teams with analysis of security events on databases.
* Develops policies, rules, and reports to detect and alert analysts to database related security events.
* Assists with development of standard procedures to be followed by incident response team.
* Participates in project work associated with data monitoring, including identification of sensitive records / PII, data loss prevention (DLP), and other related topics associated with database monitoring.
* Complies with Information Technology and Information Security policies and procedures.
* Participates in special projects and performs other duties as assigned.
* If the candidate does not already possess the CISSP, the candidate is required to obtain the Security+ within a year & CISSP within 3 years

The ideal candidate will also have the following skills and experience:

* Experience with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, SIEM, Network Behavior Analysis tools, Antivirus, and Network Packet Analyzers, Security Systems Manager, malware analysis and forensics tools.
* Ability to clearly and concisely document Cybersecurity incident details and escalate appropriately.
* Knowledge of TCP/IP communications and how common protocols and applications work at the network level
* Ability to learn and operate in a dynamic environment
* Experience with AWS cloud database technologies (Amazon Aurora, Amazon RDS, Amazon Redshift, DynamoDB, PostGres, etc.). Experience with Oracle and SQL databases. DB2 experience a plus.
* Experience with database security products to monitor for suspicious activities a plus.
* Understanding of technical security safeguards.


* Minimum of 3 to 5 years related work experience in database administration and/or security of databases.
* Undergraduate degree in an IT or security related field or the equivalent combination of training and experience.
* Relevant Information Security certifications, or the ability to obtain CISSP, SANS GCIA, SANS GCIH, SANS GPEN preferred.
* Strong written, oral and presentation skills.
* Excellent demonstrated analysis and problem-solving skills.
* Excellent interpersonal skills.

Special Factor:

Vanguard is not offering visa sponsorship for this position.

About Vanguard

We are Vanguard. Together, we're changing the way the world invests.

For us, investing doesn't just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you can get so much more in return. We invest with purpose - and that's how we've become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.

We want to make success accessible to everyone. This is our opportunity. Let's make it count.

Inclusion Statement

Vanguard's continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: "Do the right thing."

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard's core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose.

Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

Future of Work

During the pandemic, we transitioned to a work from home model for the majority of our crew and we continue to interview, hire, and on-board future crew remotely.

As we have developed the path forward, we have taken a thoughtful approach that both maximizes the advantages of working remotely and the many benefits of coming together and collaborating in a shared workspace. We believe that in-person interactions among our crew are important for preserving our unique culture and advantageous for the personal development of our crew.

When our Crew return to the office, many will work in our hybrid model. A smaller proportion of our crew will operate in the Work from Home work model (for example, field sales crew); or in the Work from Office model (for example, portfolio managers).

The working model that your role falls into will be communicated to you in the interview process - please do ask if you are unsure. We encourage you to make the decision regarding your job interview and offer knowing which model your role will fall into. We will test and learn as our ways of working evolve and will continue to evaluate working models along the way.

Drop files here browse files ...