Application Security Specialist

Duties and Responsibilities

• Utilize application development, deployment, and security experience to help guide Application Security strategy and secure the software development lifecycle (SDLC).

• Utilize current and emerging security technologies to identify, assess, and remediate application vulnerabilities (SAST, SCA, IAST, DAST, Containers, etc.)

• Configure and onboard teams to dynamic scanning tools across CI/CD environments. To include the management of authentication and integration of DAST scanners with target applications and platforms.

• Design, implement, and continuously refine API security requirements and architecture patterns that proactively address emerging threats and align with enterprise security and system design principles.

• Ensure the proper implementation, coverage, and function of the application security solutions.

• Develop and implement strategies to secure current and emerging technologies (cloud, containers, serverless, mobile, AI/ML, etc.).

• Conduct in-depth analysis of vulnerabilities in software and application deployment processes, proposing and implementing remediation measures.

• Identify and execute opportunities to automate Application Security processes to improve the efficiency and effectiveness of security measures.

• Gather and report metrics from application security solutions and processes to provide meaningful insights into the maturity of the Application Security program.

• Collaborate with developer community and enhance their experience in remediating SDLC security vulnerabilities.

• Provide guidance and training to development and cloud engineering teams on secure coding and deployment best practices.

• Stay up to date on application security practices and standards; participate in educational opportunities; read professional publications.

• Maintain comprehensive documentation of technology, projects, processes, etc.

• Participate in special projects and other duties as assigned.

Qualifications

• Undergraduate degree in a related field or equivalent combination of training and experience.

• Strong experience deploying and operating DAST tools to include managing team onboarding, authentication setup, and CI/CD integration.

• Experience with other well-known application security tools (SAST, SCA, IAST, RASP, etc.)

• Strong knowledge of application development, build, and deployment processes (development, IDEs, repositories, branching, pipelines, cloud, containers, serverless, etc.).

• Familiarity with industry standards such as NIST, OWASP, and MITRE.

• Relevant certifications in application development, security, application security, DevSecOps, or cloud are a plus.

Special Factors

Sponsorship
Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission-we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.