Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities. We are a world-class destination of highly engaged, passionate, and diverse talent expected to continuously learn and develop in an ever-changing security landscape.

Our crew are our greatest resource – by joining our team you will build collaborative long-term relationships and enjoy a suite of benefits that includes comprehensive health and wellness care, work-life balance, and an investment in your future at its core.

Duties and Responsibilities:

• Play a leading role in defining the vision, strategy, and roadmap for security orchestration, ensuring it evolves to meet enterprise security needs and developer expectations.
• Drive initiatives to achieve maximum scan coverage across repositories, proactively identifying gaps and implementing scalable solutions to close them.
• Develop strategies to secure current and emerging technologies (cloud, containers, serverless, mobile, AI/ML, etc.).
• Champion a frictionless developer experience by streamlining scan workflows and integrating feedback loops to continuously improve usability.
• Partner with the broader security organization to align our security orchestration capabilities with organizational goals, ensuring seamless integration in the CI/CD pipeline.
• Actively participate in epic/story grooming and retrospectives. Contribute to code reviews, complete development stories, and help evolve the team’s technical capabilities through hands-on collaboration and coding.
• Gather and report metrics from application security solutions and processes to provide meaningful insights into the maturity of the Application Security program.
• Stay up to date on application security practices and standards; participate in educational opportunities; read professional publications.
  
  
  

Qualifications:

• Undergraduate degree in a related field or equivalent combination of training and experience.
• Experience with well-known application security tools (SAST, SCA, IAST, RASP, etc.)
• Strong knowledge of application development, build, and deployment processes (development, IDEs, repositories, branching, pipelines, cloud, containers, serverless, etc.).
• Strong experience with any modern programming language.
• Familiarity with industry standards such as NIST, OWASP, and MITRE.
• Relevant certifications in application development, security, application security, DevSecOps, or cloud are a plus.
  
  
  

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.