Security Assurance Expert Security Assurance Expert …

The Vanguard Group, Inc
à Charlotte, NC, États-Unis
CDI, Plein-temps
Soyez parmi les premiers à postuler
The Vanguard Group, Inc
à Charlotte, NC, États-Unis
CDI, Plein-temps
Soyez parmi les premiers à postuler
Security Assurance Expert
Security Assurance Expert - Charlotte Charlotte, NC/en-US/vanguard_external/job/Charlotte-NC/Security-Assurance-Expert---Charlotte_125399/apply

Bring clarity to security and risk management

At Vanguard, were changing the way the world invests by always doing the right thing for our clients. That means security is more than a priority; its fundamental to our purpose. Protecting our investors from risk requires clear goals, big ideas and resolute action. As part of our Enterprise Security and Fraud organization youll keep Vanguard safe day in and day out by securing the continuous delivery pipeline in this DevSecOps role. Youll work hard at managing assessment plans and performing security reviews and vulnerability testing of systems, architectures, and configurations. Youll also automate various aspects of the DevSecOps effort. Additionally, well also call on your expertise to define technical security requirements and provide guidance to asset owners and risk teams regarding the mitigation and acceptance of risks.

In this role you will:

  • Work extensively with our Next Gen Apps (NGA) micro services performing inspections for automated security test case compliance and help set the direction for and manage the usage of vulnerable open source components in use by Vanguard applications
  • Help evaluate security tools in the Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST) space to determine how theyll be used and support development teams in their usage
  • Participate in identification of technical security solutions, and coordinate and lead adoption of new security initiatives and solutions
  • Conducts various types of security assessments. Document and distribute assessment reports
  • Work with dev tools such as Bitbucket and Bamboo as well security dev tools such as Nexus Life Cycle, Checkmarx, Contrast and Fortify


Our Global Security and Risk organization protects Vanguards twenty million investors from ever-evolving threats by staying one step ahead. By assessing and documenting risks to Vanguard's systems (infrastructure, application, and third-party), defining common challenges and evolving security and operations workflows, youll play a key role in enabling secure product development that will ultimately positively impact enterprise-level transformation.

What it Takes:

  • Undergraduate degree or equivalent combination of training or experience required. Graduate degree preferred.
  • 10+ years technical experience in relevant technology implementation, e.g. application, infrastructure, audit or 3rd party. Experience in IT security preferred.
  • Demonstrated excellent professional, communication, interpersonal, and influence skills.
  • Experience mitigating technical security vulnerabilities preferred.


  • Ability to obtain within 1 year one profession security certification such as ISC2 CISSP, GIAC Security Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)

Vanguard is not offering visa sponsorship for this position.

About Vanguard

We are Vanguard. Together, were changing the way the world invests.

For us, investing doesnt just end in value. It starts with values. Because when you invest with courage, when you invest with clarity, and when you invest with care, you can get so much more in return. We invest with purpose and thats how weve become a global market leader. Here, we grow by doing the right thing for the people we serve. And so can you.

We want to make success accessible to everyone. This is our opportunity. Lets make it count.

Inclusion Statement

Vanguards continued commitment to diversity and inclusion is firmly rooted in our culture. Every decision we make to best serve our clients, crew (internally employees are referred to as crew), and communities is guided by one simple statement: Do the right thing.

We believe that a critical aspect of doing the right thing requires building diverse, inclusive, and highly effective teams of individuals who are as unique as the clients they serve. We empower our crew to contribute their distinct strengths to achieving Vanguards core purpose through our values.

When all crew members feel valued and included, our ability to collaborate and innovate is amplified, and we are united in delivering on Vanguard's core purpose.

Our core purpose: To take a stand for all investors, to treat them fairly, and to give them the best chance for investment success.

Posted 5 Days AgoFull time125399

Vanguard, one of the world's largest investment management companies, serves individual investors, institutions, employer-sponsored retirement plans, and financial professionals. We have a diverse and talented crew with a culture that promotes teamwork, along with an unwavering focus on serving our clients' best interests.

This website uses "cookies" to distinguish you from other users. A cookie is a small file of letters and numbers placed on your computer or device. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site and services. The cookies are stored locally on your computer or mobile device. To accept cookies you can continue browsing as normal. Or you can go to our to read more information and learn how to change your preferences.