Manager, SecDevEx

Charlotte, VT - USA

Monthly Salary: Not Disclosed

Posted on: 14 days ago

Vacancies: 1 Vacancy

Job Summary

Responsibilities

Set high-level strategy and direction for secure software development and software supply chain practices establishing clear expectations goals and success metrics. Collaborate with cybersecurity experts technology teams vendors and business leaders to define and enforce controls that protect enterprise assets and enhance developer experience with security processes.
Mentor and lead a global team of application security professionals to improve developer experience around security tools and workflows.
Partner with Vanguard development teams to integrate security tools standards and processes into the Secure Software Development Lifecycle (SSDLC) enabling automated vulnerability detection and real-time remediation guidance.
Coordinate with development teams to promote secure coding practices and deliver clear documentation and guidance on secure development standards.
Drive security awareness and training initiatives for developers to foster secure coding habits across Vanguard.
Identify and implement improvements in security testing and vulnerability management processes to reduce developer friction and enhance efficiency.
Define and standardize measurement criteria across Vanguard to demonstrate improvements in developer experience with security tooling and processes.
Integrate security tools directly into IDEs and leverage GenAI capabilities to deliver real-time remediation recommendations to developers.
Launch and manage a secure code training platform in collaboration with other security teams including designing training curriculum tailored to technical audiences that aligns with compliance standards.
Lead secure software supply chain initiatives including SBOM generation artifact signing provenance tracking and alignment with industry standards.
Deploy and maintain application security tools processes and documentation aligned with OWASP Top 10 current threat intelligence and industry best practices.
Define implement and maintain security policies and coding standards ensuring alignment with organizational risk posture and regulatory requirements.
Develop and maintain a technical roadmap for security tooling and controls to stay ahead of evolving threats and developer needs.
Translate technical security strategies into business-aligned objectives for product and executive leadership.
Establish a governance framework to benchmark program maturity and team performance.
Proactively resolve and thoroughly document audit findings and associated risks ensuring timely closure and alignment with compliance standards.

Qualifications

Bachelors degree in computer science Engineering or related field.

7 years of professional experience in Security Management Application Security or ML Security.

Proven leadership experience in IT Security and governance.

Hands-on experience with Application Security tools (SAST DAST SCA API security tools).

Familiarity with secure ML lifecycle practices (MLSecOps).

Desired Skills

Strong understanding of Secure SDLC application security testing and supply chain security.

Experience with MLSecOps practices and securing AI/ML pipelines.

Familiarity with industry frameworks: OWASP SAMM BSIMM SLSA NIST SSDF.

Experience with cloud platforms (AWS Azure GCP) and cloud-native security practices.

Ability to work independently and define strategic direction without supervision.

Excellent communication leadership and stakeholder management skills.

Certifications such as CISSP CISM CSSLP or equivalent are preferred.

Experience with one or more programming languages such as Python Java C# C etc.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard we dont just have a missionwere on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members designed to capture the benefits of enhanced flexibility while enabling in-person learning collaboration and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

Required Experience:

Manager

ResponsibilitiesSet high-level strategy and direction for secure software development and software supply chain practices establishing clear expectations goals and success metrics. Collaborate with cybersecurity experts technology teams vendors and business leaders to define and enforce controls tha...

Responsibilities

Set high-level strategy and direction for secure software development and software supply chain practices establishing clear expectations goals and success metrics. Collaborate with cybersecurity experts technology teams vendors and business leaders to define and enforce controls that protect enterprise assets and enhance developer experience with security processes.
Mentor and lead a global team of application security professionals to improve developer experience around security tools and workflows.
Partner with Vanguard development teams to integrate security tools standards and processes into the Secure Software Development Lifecycle (SSDLC) enabling automated vulnerability detection and real-time remediation guidance.
Coordinate with development teams to promote secure coding practices and deliver clear documentation and guidance on secure development standards.
Drive security awareness and training initiatives for developers to foster secure coding habits across Vanguard.
Identify and implement improvements in security testing and vulnerability management processes to reduce developer friction and enhance efficiency.
Define and standardize measurement criteria across Vanguard to demonstrate improvements in developer experience with security tooling and processes.
Integrate security tools directly into IDEs and leverage GenAI capabilities to deliver real-time remediation recommendations to developers.
Launch and manage a secure code training platform in collaboration with other security teams including designing training curriculum tailored to technical audiences that aligns with compliance standards.
Lead secure software supply chain initiatives including SBOM generation artifact signing provenance tracking and alignment with industry standards.
Deploy and maintain application security tools processes and documentation aligned with OWASP Top 10 current threat intelligence and industry best practices.
Define implement and maintain security policies and coding standards ensuring alignment with organizational risk posture and regulatory requirements.
Develop and maintain a technical roadmap for security tooling and controls to stay ahead of evolving threats and developer needs.
Translate technical security strategies into business-aligned objectives for product and executive leadership.
Establish a governance framework to benchmark program maturity and team performance.
Proactively resolve and thoroughly document audit findings and associated risks ensuring timely closure and alignment with compliance standards.