DevSecOps Tech Lead
About The Position
The DevSecOps team is responsible for the strategies, technologies, and processes that protect Vanguard’s applications and support secure operations at scale. As the DevSecOps Tech Lead, you will provide technical and people leadership across multiple application security domains, including SCA, SAST, and security engineering. You will help shape the application security strategy, guide the implementation and evolution of security tooling and controls, and ensure security is effectively embedded into the software development lifecycle (SDLC). Partnering closely with engineering, platform, and security teams, you will enable secure, continuous delivery by establishing clear guardrails, driving remediation and prioritization practices, and fostering strong collaboration between security and development teams. This Hybrid Role is based in Malvern, PA, Charlotte, NC, or Dallas, TX
Requirements
- Bachelor’s degree in a related field or equivalent experience
- Proven experience deploying and operating SAST/SCA tools, including onboarding, authentication, and CI/CD integration
- Hands-on experience with application security tools (SAST, SCA, IAST, DAST, etc.)
- Strong understanding of modern application development and delivery (IDEs, repos, CI/CD, cloud, containers, serverless)
- Knowledge of industry standards such as NIST, OWASP, and MITRE
Nice To Haves
- Relevant certifications in AppSec, DevSecOps, cloud, or application development preferred
Responsibilities
- Provide technical and delivery leadership for the Application Security - DevSecOps Foundations team, spanning SAST, SCA, secrets scanning, and emerging application security capabilities.
- Partner with individual domain leads (SAST, SCA, Engineering, etc.) to balance priorities, unblock work, and ensure consistent collaboration and execution across the team.
- Support the manager through execution, planning, stakeholder communication, and operational leadership; align weekly priorities with management and the team.
- Work hands-on across application security initiatives as needed, contributing to tooling, integrations, workflows, and problem-solving during high-impact efforts.
- Own team planning and execution, including roadmap development, identifying future scope, aligning work to OKRs, and ensuring commitments are met.
- Participate in on-call support and assist during security tooling incidents or threat events, providing coordination, leadership, and technical guidance when needed.
- Collaborate closely with other Application Security teams, platform teams, and security and engineering partners to align tooling, integrations, and strategy across the broader AppSec ecosystem.
- Work closely with application security architects to influence big-picture design, technical direction, and scalable architecture decisions.
- Remove blockers and support team members through technical guidance, decision support, and hands-on assistance to keep work moving forward.
- Lead and facilitate team operating rhythms, including standups, planning, retrospectives, cross-team syncs, and other working sessions.
- Engage with vendor partners on roadmap discussions, escalations, evaluations, and future capability planning.
- Stay current on application security best practices, tooling trends, and emerging risks, proactively bringing recommendations to the team and leadership.
- Foster a collaborative, inclusive, and high-performing team culture through mentorship, knowledge sharing, and continuous improvement.
- Participate in special projects and perform other duties as assigned.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
5,001-10,000 employees
