"Alerted.org

Duties and Responsibilities

+ Utilize application development, deployment, and security experience to help guide Application Security strategy and secure the software development lifecycle (SDLC).

+ Utilize current and emerging security technologies to identify, assess, and remediate application vulnerabilities (SAST, SCA, IAST, DAST, Containers, etc.)

+ Configure and onboard teams to dynamic scanning tools across CI/CD environments. To include the management of authentication and integration of DAST scanners with target applications and platforms.

+ Design, implement, and continuously refine API security requirements and architecture patterns that proactively address emerging threats and align with enterprise security and system design principles.

+ Ensure the proper implementation, coverage, and function of the application security solutions.

+ Develop and implement strategies to secure current and emerging technologies (cloud, containers, serverless, mobile, AI/ML, etc.).

+ Conduct in-depth analysis of vulnerabilities in software and application deployment processes, proposing and implementing remediation measures.

+ Identify and execute opportunities to automate Application Security processes to improve the efficiency and effectiveness of security measures.

+ Gather and report metrics from application security solutions and processes to provide meaningful insights into the maturity of the Application Security program.

+ Collaborate with developer community and enhance their experience in remediating SDLC security vulnerabilities.

+ Provide guidance and training to development and cloud engineering teams on secure coding and deployment best practices.

+ Stay up to date on application security practices and standards; participate in educational opportunities; read professional publications.

+ Maintain comprehensive documentation of technology, projects, processes, etc.

+ Participate in special projects and other duties as assigned.

Qualifications

+ Undergraduate degree in a related field or equivalent combination of training and experience.

+ Strong experience deploying and operating DAST tools to include managing team onboarding, authentication setup, and CI/CD integration.

+ Experience with other well-known application security tools (SAST, SCA, IAST, RASP, etc.)

+ Strong knowledge of application development, build, and deployment processes (development, IDEs, repositories, branching, pipelines, cloud, containers, serverless, etc.).

+ Familiarity with industry standards such as NIST, OWASP, and MITRE.

+ Relevant certifications in application development, security, application security, DevSecOps, or cloud are a plus.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.