Apply Now

Software Supply Chain Security Specialist

• Posted 6 days ago • Updated 2 days ago

Full Time

On-site

Fitment

Dice Job Match Score™

🛠️ Calibrating flux capacitors...

Job Details

Skills

Enterprise Software
Roadmaps
Security Controls
Software Development Methodology
Vulnerability Management
Open Source
Workflow
Continuous Integration
Continuous Delivery
Inventory
Reporting
Artificial Intelligence
Machine Learning (ML)
Supply Chain Management
Training
DevSecOps
SCA
CISSP
Scripting
Python
Java
YAML
Finance
Collaboration

Summary

Core Responsibilities

Define and own enterprise software supply chain security strategy, roadmap, and governance
Establish policies and guardrails for SBOM, artifact signing, provenance, and dependency usage
Embed security controls across SDLC, CI/CD pipelines, and artifact repositories
Implement and enforce SBOM generation, validation, and artifact integrity controls
Collaborate with stakeholders and lead risk-based vulnerability management for open-source and third-party components
Collaborate with stakeholders and define remediation workflows, SLAs, and exception handling for supply chain risks
Own tooling strategy for SCA, container scanning, and supply chain security automation
Integrate and optimize security tooling within CI/CD for scalable enforcement
Maintain inventory and visibility of dependencies, SBOMs, and third-/fourth-party exposure
Partner with AppSec, DevSecOps, and platform teams to drive secure development adoption
Enable developers via playbooks, guardrails, and self-service secure consumption patterns
Define metrics and report on supply chain risk posture, remediation effectiveness, and maturity

Nice-to-Have

Experience with AI/ML pipeline security
Exposure to AIBOM / advanced SBOM evolution
Knowledge of zero-trust supply chain models

Qualifications

Minimum of five years related work experience.
Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.
7-10+ years in AppSec / DevSecOps / platform security
Hands-on experience with SCA + pipeline security
Certifications preferred (CISSP, CSSLP, AAISM or equivalent etc.)
Programming/scripting (Python, Java, YAML)

Special Factors

Sponsorship
Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission-we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 90922487
Position Id: 24425794
Posted 6 days ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

DevSecOps Lead

Remote

•

Today

About Us: YipitData is the leading market research and analytics firm for the disruptive economy and most recently raised $475M from The Carlyle Group at a valuation of over $1B. Every day, our proprietary technology analyzes billions of alternative data points to uncover actionable insights across sectors like software, AI, cloud, e-commerce, ridesharing, and payments. Our data and research teams transform raw data into strategic intelligence, delivering accurate, timely, and deeply contextua

Full-time

USD 250,000.00 per year

Senior Product Security Engineer

Remote

•

Today

Harness is the AI Software Delivery Platform company, led by technologist and entrepreneur Jyoti Bansal (founder of AppDynamics, acquired by Cisco for $3.7B). Harness has raised approximately $570M in funding and is valued at $5.5B, backed by leading investors including Goldman Sachs, Menlo Ventures, IVP, Unusual Ventures, Citi Ventures, and more. As AI accelerates code creation, the real bottleneck has shifted to everything after the code - testing, deployments, application security, reliabilit

Full-time

USD 113,000.00 - 125,000.00 per year

Senior Product Security Engineer

Remote

•

Today

Chainguard is the trusted source for open source. By delivering hardened, secure, and production-ready builds of all the open source software engineers and AI agents rely on, Chainguard helps organizations build faster, stay compliant, and eliminate risk. Our customers include Fortune 500 enterprises and global industry leaders, including Anduril, Canva, Fortinet, Hewlett Packard Enterprise, OpenAI, Snap Inc., and Snowflake. Chainguard is venture-backed by leading investors, including Amplify, I

Full-time

USD 157,000.00 - 184,000.00 per year

Security Engineer III, Product AppSec

Remote

•

Today

Veeam is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale. As the market leader in both data resilience and data security posture management, Veeam is built for the convergence of identity, data, security, and AI risk. Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 550,000 customers worldwide, who trust Veeam to keep their

Full-time

USD 208,500.00 - 347,500.00 per year

Search all similar jobs