Security Assurance Expert – Charlotte

August 13, 2019
August 13, 2019
Charlotte, NC, US
Job Requisition #125399

Bring clarity to security and risk management

At Vanguard, we’re changing the way the world invests by always doing the right thing for our clients. That means security is more than a priority; it’s fundamental to our purpose. Protecting our investors from risk requires clear goals, big ideas and resolute action. As part of our Enterprise Security and Fraud organization you’ll keep Vanguard safe day in and day out by securing the continuous delivery pipeline in this DevSecOps role. You’ll work hard at managing assessment plans and performing security reviews and vulnerability testing of systems, architectures, and configurations. You’ll also automate various aspects of the DevSecOps effort. Additionally, we’ll also call on your expertise to define technical security requirements and provide guidance to asset owners and risk teams regarding the mitigation and acceptance of risks.

In this role you will:

  • Work extensively with our Next Gen Apps (NGA) micro services performing inspections for automated security test case compliance and help set the direction for and manage the usage of vulnerable open source components in use by Vanguard applications
  • Help evaluate security tools in the Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST) space to determine how they’ll be used and support development teams in their usage
  • Participate in identification of technical security solutions, and coordinate and lead adoption of new security initiatives and solutions
  • Conducts various types of security assessments. Document and distribute assessment reports
  • Work with dev tools such as Bitbucket and Bamboo as well security dev tools such as Nexus Life Cycle, Checkmarx, Contrast and Fortify

Impact:

Our Global Security and Risk organization protects Vanguard’s twenty million investors from ever-evolving threats by staying one step ahead. By assessing and documenting risks to Vanguard’s systems (infrastructure, application, and third-party), defining common challenges and evolving security and operations workflows, you’ll play a key role in enabling secure product development that will ultimately positively impact enterprise-level transformation.

What it Takes:

  • Undergraduate degree or equivalent combination of training or experience required. Graduate degree preferred.
  • 10+ year’s technical experience in relevant technology implementation, e.g. application, infrastructure, audit or 3rd party. Experience in IT security preferred.
  • Demonstrated excellent professional, communication, interpersonal, and influence skills.
  • Experience mitigating technical security vulnerabilities preferred.

Certifications:

  • Ability to obtain within 1 year one profession security certification such as ISC2 CISSP, GIAC Security Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)

Vanguard is not offering visa sponsorship for this position.

About Vanguard

We are Vanguard. Together, we’re changing the way the world invests.

For us, investing doesn’t just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you can get so much more in return. We invest with purpose – and that’s how we’ve become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.

We want to make success accessible to everyone. This is our opportunity. Let’s make it count.

Inclusion Statement

Vanguard’s continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: ‘Do the right thing.’

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard’s core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard’s core purpose.

Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

August 13, 2019
August 13, 2019
Charlotte, NC, US
Job Requisition #125399

Bring clarity to security and risk management

At Vanguard, we’re changing the way the world invests by always doing the right thing for our clients. That means security is more than a priority; it’s fundamental to our purpose. Protecting our investors from risk requires clear goals, big ideas and resolute action. As part of our Enterprise Security and Fraud organization you’ll keep Vanguard safe day in and day out by securing the continuous delivery pipeline in this DevSecOps role. You’ll work hard at managing assessment plans and performing security reviews and vulnerability testing of systems, architectures, and configurations. You’ll also automate various aspects of the DevSecOps effort. Additionally, we’ll also call on your expertise to define technical security requirements and provide guidance to asset owners and risk teams regarding the mitigation and acceptance of risks.

In this role you will:

  • Work extensively with our Next Gen Apps (NGA) micro services performing inspections for automated security test case compliance and help set the direction for and manage the usage of vulnerable open source components in use by Vanguard applications
  • Help evaluate security tools in the Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST) space to determine how they’ll be used and support development teams in their usage
  • Participate in identification of technical security solutions, and coordinate and lead adoption of new security initiatives and solutions
  • Conducts various types of security assessments. Document and distribute assessment reports
  • Work with dev tools such as Bitbucket and Bamboo as well security dev tools such as Nexus Life Cycle, Checkmarx, Contrast and Fortify

Impact:

Our Global Security and Risk organization protects Vanguard’s twenty million investors from ever-evolving threats by staying one step ahead. By assessing and documenting risks to Vanguard’s systems (infrastructure, application, and third-party), defining common challenges and evolving security and operations workflows, you’ll play a key role in enabling secure product development that will ultimately positively impact enterprise-level transformation.

What it Takes:

  • Undergraduate degree or equivalent combination of training or experience required. Graduate degree preferred.
  • 10+ year’s technical experience in relevant technology implementation, e.g. application, infrastructure, audit or 3rd party. Experience in IT security preferred.
  • Demonstrated excellent professional, communication, interpersonal, and influence skills.
  • Experience mitigating technical security vulnerabilities preferred.

Certifications:

  • Ability to obtain within 1 year one profession security certification such as ISC2 CISSP, GIAC Security Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)

Vanguard is not offering visa sponsorship for this position.

About Vanguard

We are Vanguard. Together, we’re changing the way the world invests.

For us, investing doesn’t just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you can get so much more in return. We invest with purpose – and that’s how we’ve become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.

We want to make success accessible to everyone. This is our opportunity. Let’s make it count.

Inclusion Statement

Vanguard’s continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: ‘Do the right thing.’

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguard’s core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard’s core purpose.

Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

Our commitment to equal employment opportunity

Vanguard is an equal opportunity employer. Vanguard is committed to providing all crew members a working environment that is free from discrimination, prejudice and bias. Through this Equal Employment Opportunity (EEO) Policy, Vanguard reaffirms its commitment to equal employment opportunity for all applicants and crew members without regard to race, color, national origin or ancestry, religion, gender, sex, sexual orientation, gender identity or expression, age, disability, marital status, veteran or military status. In addition, Vanguard prohibits discrimination based on genetic information, as well as any other characteristic protected by federal, state or local law.

Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Vanguard. Please inform careers@vanguard.com if you need assistance completing this application or to otherwise participate in the application process.

Careers blog

Explore Our Opportunities

Tax Analyst
Malvern, PA