"Alerted.org

Duties and Responsibilities

+ Aggregate and normalize vulnerability data from diverse sources into a unified vulnerability platform (UVM).

+ Experience with integrating self-hosted and SaaS-based applications via APIs. Expertise utilizing native API integrations and developing custom integrations (via code or scripts).

+ Collaborate with product owners (Vulnerability Management, DevSecOps, Cloud Security, etc.) to ensure the collection, quality, normalization, and enrichment of vulnerability data.

+ Apply standardized vulnerability severity scoring and customize it to reflect business context and risk appetite.

+ Develop and maintain centralized dashboards to visualize risk posture across applications and environments. To include custom dashboards for different stakeholder types (executives, business owners, and resource owners).

+ Collaborate with Technical Security Advisors and BISOs to maintain and improve risk reporting (visualizations, dashboards, reports, notifications, etc.).

+ Improve exception workflows through UVM integrations with workload mgmt./ticketing systems.

+ Build and maintain RBAC to the UVM platform (dashboards, reports, etc.).

+ Define and enforce remediation SLAs and shift-left prevention policies.

+ Support operational workflows for risk acceptance, false positives, and severity overrides.

+ Participate in recurring vulnerability oversight meetings and provide actionable insights.

+ Contribute to the development of vulnerability lifecycle processes and automation strategies.

+ Maintain comprehensive documentation of technology, projects, processes, etc.

+ Stay up to date on security practices and standards; participate in educational opportunities; read professional publications.

+ Participate in special projects and other duties as assigned.

Qualifications

+ Undergraduate degree in IT or cybersecurity is preferred.

+ 3-5 years of experience in vulnerability management.

+ Hands-on experience with unified vulnerability management (UVM) solutions (e.g., ArmorCode, Wiz).

+ Strong understanding of OWASP Top 10, CVE, CVSS, NVD, and other vulnerability standards.

+ Experience with programming and scripting languages (e.g., Python, PowerShell) is preferred.

+ Familiarity with data engineering solutions (e.g., Athena, Tableau), workload management solutions (e.g., Jira, ServiceNow), version control and pipeline solutions (e.g., Bamboo, GitHub), and IaC solutions (e.g., Terraform, Ansible).

+ Knowledge of application development, build, and deployment processes (development, IDEs, repositories, branching, pipelines, cloud, containers, serverless, etc.).

+ Professional certifications such as CISSP, CCSP, or Security+ a plus.

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.