Core Responsibilities

• Provide technical and delivery leadership for the Application Security - DevSecOps Foundations team, spanning SAST, SCA, secrets scanning, and emerging application security capabilities.
• Partner with individual domain leads (SAST, SCA, Engineering, etc.) to balance priorities, unblock work, and ensure consistent collaboration and execution across the team.
• Support the manager through execution, planning, stakeholder communication, and operational leadership; align weekly priorities with management and the team.
• Work hands-on across application security initiatives as needed, contributing to tooling, integrations, workflows, and problem-solving during high-impact efforts.
• Own team planning and execution, including roadmap development, identifying future scope, aligning work to OKRs, and ensuring commitments are met.
• Participate in on-call support and assist during security tooling incidents or threat events, providing coordination, leadership, and technical guidance when needed.
• Collaborate closely with other Application Security teams, platform teams, and security and engineering partners to align tooling, integrations, and strategy across the broader AppSec ecosystem.
• Work closely with application security architects to influence big-picture design, technical direction, and scalable architecture decisions.
• Remove blockers and support team members through technical guidance, decision support, and hands-on assistance to keep work moving forward.
• Lead and facilitate team operating rhythms, including standups, planning, retrospectives, cross-team syncs, and other working sessions.
• Engage with vendor partners on roadmap discussions, escalations, evaluations, and future capability planning.
• Stay current on application security best practices, tooling trends, and emerging risks, proactively bringing recommendations to the team and leadership.
• Foster a collaborative, inclusive, and high-performing team culture through mentorship, knowledge sharing, and continuous improvement.
• Participate in special projects and perform other duties as assigned.

Qualifications

• Bachelor’s degree in a related field or equivalent experience
• Proven experience deploying and operating SAST/SCA tools, including onboarding, authentication, and CI/CD integration
• Hands-on experience with application security tools (SAST, SCA, IAST, DAST, etc.)
• Strong understanding of modern application development and delivery (IDEs, repos, CI/CD, cloud, containers, serverless)
• Knowledge of industry standards such as NIST, OWASP, and MITRE
• Relevant certifications in AppSec, DevSecOps, cloud, or application development preferred

Special Factors

Sponsorship

Vanguard is offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.