
Supply Chain Security Specialist

External
Vanguard · Malvern, PA
Full-time · Hybrid · 4d ago
CI/CD · DevSecOps · Java · Python


Requirements

  • Experience with AI/ML pipeline security
  • Exposure to AIBOM / advanced SBOM evolution
  • Knowledge of zero-trust supply chain models
  • Minimum of five years related work experience.
  • Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.
  • 7-10+ years in AppSec / DevSecOps / platform security
  • Hands-on experience with SCA + pipeline security
  • Certifications preferred (CISSP, CSSLP, AAISM or equivalent etc.)
  • Programming/scripting (Python, Java, YAML)

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission - we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Additional Information

Core Responsibilities

  • Define and own enterprise software supply chain security strategy, roadmap, and governance
  • Establish policies and guardrails for SBOM, artifact signing, provenance, and dependency usage
  • Embed security controls across SDLC, CI/CD pipelines, and artifact repositories
  • Implement and enforce SBOM generation, validation, and artifact integrity controls
  • Collaborate with stakeholders and lead risk-based vulnerability management for open-source and third-party components
  • Collaborate with stakeholders and define remediation workflows, SLAs, and exception handling for supply chain risks
  • Own tooling strategy for SCA, container scanning, and supply chain security automation
  • Integrate and optimize security tooling within CI/CD for scalable enforcement
  • Maintain inventory and visibility of dependencies, SBOMs, and third-/fourth-party exposure
  • Partner with AppSec, DevSecOps, and platform teams to drive secure development adoption
  • Enable developers via playbooks, guardrails, and self-service secure consumption patterns
  • Define metrics and report on supply chain risk posture, remediation effectiveness, and maturity

