Vanguard

DevSecOps Tech Lead

full-time

Location Type: Hybrid

Location: Dallas, North Carolina, Pennsylvania, United States

About the role

  • Serve as the technical lead and subject matter expert for Software Composition Analysis (SCA)
  • Partner closely with the AppSec team lead and manager to execute strategy and roadmap for open-source and dependency security across the SDLC
  • Lead the design, configuration, and continuous optimization of SCA tooling
  • Drive risk-based vulnerability management for open-source dependencies
  • Provide guidance on prioritization, remediation approaches, and risk acceptance decisions
  • Define and maintain standards, guardrails, and best practices for open-source usage
  • Act as the primary point of contact for SCA
  • Collaborate with application teams, platform teams, AppSec peers, and other security stakeholders
  • Participate in an on-call rotation to support application security tooling
  • Champion a developer-first experience by improving signal quality, reducing noise
  • Identify, design, and implement automation and process improvements to enhance dependency visibility
  • Define, track, and communicate key metrics and insights related to open-source risk
  • Provide technical leadership and mentorship to AppSec engineers and development teams on secure dependency management
  • Maintain comprehensive documentation for SCA technologies, processes, and standards

Requirements

  • Bachelor’s degree in a related field or equivalent experience
  • Hands-on experience deploying and operating SCA/SAST tools, including onboarding, auth setup, and CI/CD integration
  • Experience with additional AppSec tools (Secret Scanning, IAST, DAST, etc.)
  • Strong understanding of modern application development and delivery (IDEs, repos, CI/CD, cloud, containers, serverless)
  • Working knowledge of NIST, OWASP, and MITRE frameworks
  • AppSec, DevSecOps, cloud, or development certifications a plus

Benefits

  • Health insurance
  • Retirement plans
  • Paid time off
  • Flexible work arrangements
  • Professional development opportunities
  • Visa sponsorship

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • Software Composition Analysis (SCA)
  • SAST tools
  • Secret Scanning
  • IAST
  • DAST
  • CI/CD integration
  • automation
  • secure dependency management
  • vulnerability management
  • open-source risk

Soft Skills

  • technical leadership
  • mentorship
  • collaboration
  • communication
  • prioritization
  • risk acceptance
  • process improvement
  • documentation

Certifications

  • AppSec certifications
  • DevSecOps certifications
  • cloud certifications
  • development certifications