Application Security Engineering Manager

Responsibilities 

• The Application Security Engineering Manager must set high-level strategy and direction for scanning orchestration and operational practices, while establishing clear expectations, goals, and success metrics.  

• Lead and mentor a global team of application security engineers to build and efficiently manage scanning orchestration platform to efficiently identify security vulnerabilities. 

• Collaborate with Vanguard development teams and stakeholders to integrate security tools, standards, and processes into the Secure Software Development Lifecycle (SSDLC).   

• Implement and manage security tools within CI/CD pipelines to automate vulnerability detection and remediation. 

• Works closely with Application security teams and leadership to bring application security scanning close to developers to enhance developer experience and reduce risk for the organization. 

• Continuously evaluates the Vanguard’s application security scanning requirements, propose solutions, and work with leadership to bridge those gaps to protect Vanguard applications.  

• Define an implement strategy to achieve 100% application code scanning to detect security vulnerabilities. 

• Acts as an industry expert in application security engineering practices and standards and guide the team to mature the Application Security program. 

• Identify the opportunities to automate the Application Security Scanning processes and guide the team to improve efficiency and achieve scalability.  

• Deploy application security tools, processes, and documentation to support alignment with OWASP Top 10, Industry Standards, Current Events, and Best-Practices.  

• Create and maintain documentation for integrated security processes, controls, and incident response playbooks.  

• Develop and maintain a technical roadmap for security tooling and controls to stay ahead of evolving threats.  

• Translate technical security strategies into business-aligned objectives for product and executive leadership. 

• Establish a governance framework to benchmark program maturity and team performance. 

• Stay current on emerging threats, including adversarial ML risks, and lead knowledge-sharing sessions across the organization. 

• Help and guides the AppSec Engineering team towards the technology initiatives such as AI/ML scanning, software-supply-chain, Unified Vulnerability Management platform, etc. 

Qualifications 

• Bachelor’s degree in Computer Science, Engineering, or related field; 

• 7+ years of professional experience in Security Management, Application Security,  

• Proven people leadership experience in Application Security Engineering. 

• Hands-on experience with application development (Java, Python, etc.) 

• Deep expertise in application security methodologies such as SAST, DAST, SCA, etc. 

Desired Skills 

• Strong understanding of Secure SDLC, application security engineering, and AWS cloud. 

• Strong experience with application development (Java, Python, etc.) 

• Familiarity with industry frameworks: OWASP, NIST SSDF. 

• Ability to work independently and define strategic direction. 

• Excellent communication, leadership, and stakeholder management skills. 

• Certifications such as CISSP, CISM, CSSLP, or equivalent are preferred. 

INFO Session Teams Link:

https://teams.microsoft.com/l/meetup-join/19%3ameeting_YWI2MjY2OWItNGQ4Mi00YjBjLWE1MjMtNjgxNTcwMjRkMmFm%40thread.v2/0?context=%7b%22Tid%22%3a%22d3a74ac8-efe4-4fe8-b707-b1bf8c6a25bd%22%2c%22Oid%22%3a%228e36baa1-07c9-41d0-b830-84921b30ff93%22%7d

Special Factors

Sponsorship

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.