Manager, SecDevEx

Responsibilities 

• Set high-level strategy and direction for secure software development and software supply chain practices, establishing clear expectations, goals, and success metrics. Collaborate with cybersecurity experts, technology teams, vendors, and business leaders to define and enforce controls that protect enterprise assets and enhance developer experience with security processes.  
• Mentor and lead a global team of application security professionals to improve developer experience around security tools and workflows.  
• Partner with Vanguard development teams to integrate security tools, standards, and processes into the Secure Software Development Lifecycle (SSDLC), enabling automated vulnerability detection and real-time remediation guidance.  
• Coordinate with development teams to promote secure coding practices and deliver clear documentation and guidance on secure development standards.  
• Drive security awareness and training initiatives for developers to foster secure coding habits across Vanguard.  
• Identify and implement improvements in security testing and vulnerability management processes to reduce developer friction and enhance efficiency.  
• Define and standardize measurement criteria across Vanguard to demonstrate improvements in developer experience with security tooling and processes.  
• Integrate security tools directly into IDEs and leverage GenAI capabilities to deliver real-time remediation recommendations to developers.  
• Launch and manage a secure code training platform in collaboration with other security teams, including designing training curriculum tailored to technical audiences that aligns with compliance standards.  
• Lead secure software supply chain initiatives, including SBOM generation, artifact signing, provenance tracking, and alignment with industry standards.  
• Deploy and maintain application security tools, processes, and documentation aligned with OWASP Top 10, current threat intelligence, and industry best practices.  
• Define, implement and maintain security policies and coding standards ensuring alignment with organizational risk posture and regulatory requirements.  
• Develop and maintain a technical roadmap for security tooling and controls to stay ahead of evolving threats and developer needs.  
• Translate technical security strategies into business-aligned objectives for product and executive leadership.  
• Establish a governance framework to benchmark program maturity and team performance.  
• Proactively resolve and thoroughly document audit findings and associated risks, ensuring timely closure and alignment with compliance standards.  

Qualifications  

Bachelor’s degree in computer science, Engineering, or related field.  

7+ years of professional experience in Security Management, Application Security, or ML Security.  

Proven leadership experience in IT Security and governance.  

Hands-on experience with Application Security tools (SAST, DAST, SCA, API security tools).  

Familiarity with secure ML lifecycle practices (MLSecOps).  

Desired Skills  

Strong understanding of Secure SDLC, application security testing, and supply chain security.  

Experience with MLSecOps practices and securing AI/ML pipelines.  

Familiarity with industry frameworks: OWASP SAMM, BSIMM, SLSA, NIST SSDF.  

Experience with cloud platforms (AWS, Azure, GCP) and cloud-native security practices.  

Ability to work independently and define strategic direction without supervision.  

Excellent communication, leadership, and stakeholder management skills.  

Certifications such as CISSP, CISM, CSSLP, or equivalent are preferred.  

Experience with one or more programming languages such as Python, Java, C#, C++, etc. 

Special Factors

Sponsorship

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.