<p>The Application Security team secures Vanguard's applications and supports safe, reliable operations across the enterprise. As an Application Security Technical Lead, you will play a critical role in embedding security and compliance into the software development lifecycle (SDLC). You will help shape application security strategy, implement and evolve tooling, maintain technical controls, assess vulnerabilities, and partner closely with engineering teams to ensure strong security guardrails that enable fast, secure application delivery. This role provides technical and delivery leadership across core application security domains, including API security, DAST, container security, and emerging capabilities. The Application Security Technical Lead drives secure SDLC strategy, ensures consistent execution across teams, and collaborates with engineers, architects, and stakeholders to deliver scalable, secure software at Vanguard. This Hybrid Role (in office Tues-Wed-Thurs) is based in Malvern, PA, Charlotte, NC, or Dallas, TX</p> <p>Duties and Responsibilities:</p> <ul> <li> <p>Provide technical and delivery leadership for the Application Security - DevSecOps Team, spanning API, DAST, container security, and emerging application security capabilities.</p> </li><li> <p>Partner with individual domain leads (API, DAST, Container, etc.) to balance priorities, unblock work, and ensure consistent collaboration and execution across the team.</p> </li><li> <p>Support the manager through execution, planning, stakeholder communication, and operational leadership; align weekly priorities with management and the team.</p> </li><li> <p>Work hands-on across application security initiatives as needed, contributing to tooling, integrations, workflows, and problem-solving during high-impact efforts.</p> </li><li> <p>Own team planning and execution, including roadmap development, identifying future scope, aligning work to OKRs, and ensuring commitments are met.</p> </li><li> <p>Participate in on-call support and assist during security tooling incidents or threat events, providing coordination, leadership, and technical guidance when needed.</p> </li><li> <p>Collaborate closely with other Application Security teams, platform teams, and security and engineering partners to align tooling, integrations, and strategy across the broader AppSec ecosystem.</p> </li><li> <p>Work closely with application security architects to influence big-picture design, technical direction, and scalable architecture decisions.</p> </li><li> <p>Remove blockers and support team members through technical guidance, decision support, and hands-on assistance to keep work moving forward.</p> </li><li> <p>Lead and facilitate team operating rhythms, including standups, planning, retrospectives, cross-team syncs, and other working sessions.</p> </li><li> <p>Engage with vendor partners on roadmap discussions, escalations, evaluations, and future capability planning.</p> </li><li> <p>Stay current on application security best practices, tooling trends, and emerging risks, proactively bringing recommendations to the team and leadership.</p> </li><li> <p>Foster a collaborative, inclusive, and high-performing team culture through mentorship, knowledge sharing, and continuous improvement.</p> </li><li> <p>Participate in special projects and perform other duties as assigned.</p> </li></ul> <p>Qualifications:</p> <ul> <li> <p>Undergraduate degree in a related field or equivalent combination of training and experience.</p> </li><li> <p>Strong experience deploying and operating DAST, API, and/or Container Scanning tools to include managing team onboarding, authentication setup, and CI/CD integration.</p> </li><li> <p>Experience with well-known application security tools (SAST, SCA, DAST, etc.)</p> </li><li> <p>Strong knowledge of application development, build, and deployment processes (development, IDEs, repositories, branching, pipelines, cloud, containers, serverless, etc.).</p> </li><li> <p>Familiarity with industry standards such as NIST, OWASP, and MITRE.</p> </li><li> <p>Relevant certifications in application development, security, application security, DevSecOps, or cloud are a plus.</p> </li></ul> <p>Special Factors</p> <p>Sponsorship</p> <p>Vanguard is not offering visa sponsorship for this position.</p> <p>About Vanguard</p> <p>At Vanguard, we don't just have a mission-we're on a mission.</p> <p>To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.</p> <p>How We Work</p> <p>Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.</p>