Job Information
Vanguard Application Security Tech Lead in Malvern, Pennsylvania
Duties and Responsibilities:
Provide technical and delivery leadership for the Application Security – DevSecOps Team, spanning API, DAST, container security, and emerging application security capabilities.
Partner with individual domain leads (API, DAST, Container, etc.) to balance priorities, unblock work, and ensure consistent collaboration and execution across the team.
Support the manager through execution, planning, stakeholder communication, and operational leadership; align weekly priorities with management and the team.
Work hands-on across application security initiatives as needed, contributing to tooling, integrations, workflows, and problem-solving during high‑impact efforts.
Own team planning and execution, including roadmap development, identifying future scope, aligning work to OKRs, and ensuring commitments are met.
Participate in on-call support and assist during security tooling incidents or threat events, providing coordination, leadership, and technical guidance when needed.
Collaborate closely with other Application Security teams, platform teams, and security and engineering partners to align tooling, integrations, and strategy across the broader AppSec ecosystem.
Work closely with application security architects to influence big‑picture design, technical direction, and scalable architecture decisions.
Remove blockers and support team members through technical guidance, decision support, and hands-on assistance to keep work moving forward.
Lead and facilitate team operating rhythms, including standups, planning, retrospectives, cross‑team syncs, and other working sessions.
Engage with vendor partners on roadmap discussions, escalations, evaluations, and future capability planning.
Stay current on application security best practices, tooling trends, and emerging risks, proactively bringing recommendations to the team and leadership.
Foster a collaborative, inclusive, and high‑performing team culture through mentorship, knowledge sharing, and continuous improvement.
Participate in special projects and perform other duties as assigned.
Qualifications:
Undergraduate degree in a related field or equivalent combination of training and experience.
Strong experience deploying and operating DAST, API, and/or Container Scanning tools to include managing team onboarding, authentication setup, and CI/CD integration.
Experience with well-known application security tools (SAST, SCA, DAST, etc.)
Strong knowledge of application development, build, and deployment processes (development, IDEs, repositories, branching, pipelines, cloud, containers, serverless, etc.).
Familiarity with industry standards such as NIST, OWASP, and MITRE.
Relevant certifications in application development, security, application security, DevSecOps, or cloud are a plus.
Special Factors
Sponsorship
Vanguard is not offering visa sponsorship for this position.
About Vanguard
At Vanguard, we don't just have a mission—we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.