Senior Application Security Specialist
About The Position
Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions. Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape. Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core.
Requirements
- Undergraduate degree in a related field or equivalent combination of training and experience.
- Experience with well-known application security tools (SAST, SCA, IAST, RASP, etc.)
- Strong knowledge of application development, build, and deployment processes (development, IDEs, repositories, branching, pipelines, cloud, containers, serverless, etc.).
- Strong experience with any modern programming language.
- Familiarity with industry standards such as NIST, OWASP, and MITRE.
Nice To Haves
- Relevant certifications in application development, security, application security, DevSecOps, or cloud are a plus.
Responsibilities
- Play a leading role in defining the vision, strategy, and roadmap for security orchestration, ensuring it evolves to meet enterprise security needs and developer expectations.
- Drive initiatives to achieve maximum scan coverage across repositories, proactively identifying gaps and implementing scalable solutions to close them.
- Develop strategies to secure current and emerging technologies (cloud, containers, serverless, mobile, AI/ML, etc.).
- Champion a frictionless developer experience by streamlining scan workflows and integrating feedback loops to continuously improve usability.
- Partner with the broader security organization to align our security orchestration capabilities with organizational goals, ensuring seamless integration in the CI/CD pipeline.
- Actively participate in epic/story grooming and retrospectives.
- Contribute to code reviews, complete development stories, and help evolve the team’s technical capabilities through hands-on collaboration and coding.
- Gather and report metrics from application security solutions and processes to provide meaningful insights into the maturity of the Application Security program.
- Stay up to date on application security practices and standards; participate in educational opportunities; read professional publications.
Benefits
- comprehensive health and wellness care
- work-life balance
- an investment in your future
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
