Duties and Responsibilities 

• Utilize application development, deployment, and security experience to help guide Application Security strategy and secure the software development lifecycle (SDLC). 

• Utilize current and emerging security technologies to identify, assess, and remediate application vulnerabilities (SAST, SCA, IAST, DAST, Containers, etc.) 

• Configure and onboard teams to dynamic scanning tools across CI/CD environments.  To include the management of authentication and integration of DAST scanners with target applications and platforms. 

• Design, implement, and continuously refine API security requirements and architecture patterns that proactively address emerging threats and align with enterprise security and system design principles. 

• Ensure the proper implementation, coverage, and function of the application security solutions.  

• Develop and implement strategies to secure current and emerging technologies (cloud, containers, serverless, mobile, AI/ML, etc.). 

• Conduct in-depth analysis of vulnerabilities in software and application deployment processes, proposing and implementing remediation measures. 

• Identify and execute opportunities to automate Application Security processes to improve the efficiency and effectiveness of security measures. 

• Gather and report metrics from application security solutions and processes to provide meaningful insights into the maturity of the Application Security program. 

• Collaborate with developer community and enhance their experience in remediating SDLC security vulnerabilities. 

• Provide guidance and training to development and cloud engineering teams on secure coding and deployment best practices.   

• Stay up to date on application security practices and standards; participate in educational opportunities; read professional publications. 

• Maintain comprehensive documentation of technology, projects, processes, etc. 

• Participate in special projects and other duties as assigned. 

Qualifications 

• Undergraduate degree in a related field or equivalent combination of training and experience. 

• Strong experience deploying and operating DAST tools to include managing team onboarding, authentication setup, and CI/CD integration. 

• Experience with other well-known application security tools (SAST, SCA, IAST, RASP, etc.) 

• Strong knowledge of application development, build, and deployment processes (development, IDEs, repositories, branching, pipelines, cloud, containers, serverless, etc.). 

• Familiarity with industry standards such as NIST, OWASP, and MITRE. 

• Relevant certifications in application development, security, application security, DevSecOps, or cloud are a plus. 

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.