Software Supply Chain Security Specialist
Indexed description
Core Responsibilities
- Productionize and scale AI-enabled security solutions from Proof of Concept (POC) to enterprise deployment.
- Develop and maintain AI-powered AppSec capabilities including vulnerability prioritization, remediation assistance, and security workflow automation.
- Support AI use cases such as toxic combination detection, CVE chaining analysis, exploitability assessment, and AI-assisted developer remediation.
- Build integrations between AI services and security platforms including SAST, SCA, SBOM, secrets scanning, and vulnerability management solutions.
- Design scalable automation and APIs supporting secure software delivery pipelines.
- Support Software Supply Chain Security initiatives including SBOM generation, dependency intelligence, risk scoring, and supply chain visibility.
- Implement AI capabilities within CI/CD pipelines while maintaining security, auditability, and operational reliability.
- Develop monitoring, observability, and performance metrics for AI-enabled security services.
- Partner with AppSec, Platform Engineering, and Development teams to enable secure adoption of new capabilities.
- Contribute to AppSec AI initiatives supporting AI Attack Readiness and AppSec Modernization objectives.
- Experience operationalizing Generative AI or LLM-based solutions in production environments.
- Hands-on experience with Azure OpenAI, OpenAI APIs, LangChain, Semantic Kernel, AutoGen, CrewAI, or similar frameworks.
- Experience with GitHub Advanced Security (GHAS), Snyk, Wiz, JFrog Xray, or comparable security platforms.
- Knowledge of SBOM standards, software composition analysis, and software supply chain security practices.
- Experience developing AI agents, orchestration frameworks, or security automation workflows.
- Familiarity with Kubernetes, containers, cloud platforms (AWS/Azure), and Infrastructure-as-Code.
- Experience with ML observability, prompt engineering, AI evaluation frameworks, or Responsible AI practices.
- Understanding of exploitability analysis, attack path analysis, or threat modeling.
- Experience supporting enterprise-scale developer platforms or security services.
- Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related field.
- 3–5+ years of experience in Software Engineering, Application Security, DevSecOps, or Security Engineering.
- Experience developing solutions using Python, Java, or similar programming languages.
- Experience building APIs, automation workflows, and cloud-native applications.
- Knowledge of 3 or more Security concepts including:
- SAST
- SCA
- Secrets Management
- Vulnerability Management
- CI/CD Security
- Software Supply Chain Security
- SBOMs
- Experience working with GitHub, Git-based development workflows, and modern CI/CD platforms.
- Familiarity with AI/LLM technologies and AI-assisted software development.
- Strong troubleshooting, automation, and problem-solving skills.
- Ability to work across security, engineering, and development teams.
About Vanguard
At Vanguard, we don't just have a mission—we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search