
Application Security Coordinator – Threat Modeling
Vanguard
full-time
Location Type: Hybrid
Location: Malvern • North Carolina • Pennsylvania • United States
About the role
- Provide programmatic support and coordination for application and infrastructure security assessments.
- Own and manage the threat modeling engagement from intake through final reporting and closure.
- Coordinate workshop scheduling across multiple concurrent engagements, balancing priorities, dependencies, and resource availability.
- Partner with application teams, infrastructure owners, and product stakeholders to gather pre-workshop information, technical documentation, architecture diagrams, and required artifacts.
- Ensure threat modeling workshop scope, assumptions, and prerequisites are clearly defined and validated prior to execution.
- Serve as the primary coordination point between cybersecurity, engineering, architecture, and product stakeholders for threat modeling and secure design activities.
- Build strong relationships with development and infrastructure teams to promote early engagement with security and “shift‑left” practices.
- Clearly communicate expectations, timelines, and outcomes to both technical and non‑technical audiences.
- Escalate risks, delays, or blockers to appropriate leaders in a timely, structured manner.
- Ensure threat modeling sessions and outcomes are accurately documented, including identified threats, assumptions, mitigations, and residual risks.
- Maintain high‑quality records in designated tools and repositories, ensuring traceability from threats to corresponding controls or backlog items.
- Support audit‑ready documentation and evidence requirements related to application and infrastructure security design.
- Produce regular reporting on volume, throughput, cycle times, and themes emerging from threat modeling activities.
- Coordinate with vulnerability management and risk teams to align threat modeling outcomes with broader risk registers, remediation workflows, and standards.
- Ensure that critical threats and design weaknesses are properly logged, tracked, and dispositioned through established risk processes.
- Support remediation follow‑up by partnering with technology owners to monitor progress on agreed mitigations.
- Apply program and project management best practices to manage complex, multi-workstream assessment activities.
- Maintain assessment roadmaps, intake queues, and execution plans aligned to business and technology priorities.
- Leverage Agile and Scrum-style practices where appropriate, including backlog management, sprint planning, stand-ups, retrospectives, and dependency tracking.
- Act as a servant‑leader / facilitator for security‑focused work, removing impediments and enabling smooth execution across teams.
- Contribute to the refinement of threat modeling playbooks, templates, and checklists to drive consistency and ease of use.
Requirements
- Bachelor’s degree in Information Security, Information Technology, Risk Management, or a related field (or equivalent experience).
- Experience (typically 5+ years) in application security, cybersecurity, IT risk management, software engineering, or technology program coordination.
- Demonstrated experience coordinating or facilitating security activities such as threat modeling, security architecture reviews, or application/infrastructure security assessments in large, regulated, or complex environments.
- Strong understanding of cybersecurity risk concepts (e.g., vulnerability, risk, threat, attack surface, mitigation).
- Understanding of software development lifecycles (Agile, DevOps, CI/CD).
Benefits
- Health insurance
- Flexible working arrangements
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
application security, cybersecurity, risk management, threat modeling, security architecture reviews, Agile, DevOps, CI/CD, program management, project management
Soft Skills
communication, coordination, relationship building, facilitation, servant leadership, problem solving, prioritization, documentation, stakeholder engagement, risk escalation