Software Supply Chain Security Specialist

• Define and own enterprise software supply chain security strategy, roadmap, and governance

• Establish policies and guardrails for SBOM, artifact signing, provenance, and dependency usage

• Embed security controls across SDLC, CI/CD pipelines, and artifact repositories

• Implement and enforce SBOM generation, validation, and artifact integrity controls

• Collaborate with stakeholders and lead risk-based vulnerability management for open-source and third‑party components

• Collaborate with stakeholders and define remediation workflows, SLAs, and exception handling for supply chain risks

• Own tooling strategy for SCA, container scanning, and supply chain security automation

• Integrate and optimize security tooling within CI/CD for scalable enforcement

• Maintain inventory and visibility of dependencies, SBOMs, and third-/fourth-party exposure

• Partner with AppSec, DevSecOps, and platform teams to drive secure development adoption

• Enable developers via playbooks, guardrails, and self-service secure consumption patterns

• Define metrics and report on supply chain risk posture, remediation effectiveness, and maturity

Nice-to-Have

• Experience with AI/ML pipeline security

• Exposure to AIBOM / advanced SBOM evolution

• Knowledge of zero-trust supply chain models

Qualifications

• Minimum of five years related work experience.

• Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.

• 7–10+ years in AppSec / DevSecOps / platform security

• Hands-on experience with SCA + pipeline security

• Certifications preferred (CISSP, CSSLP, AAISM or equivalent etc.)

• Programming/scripting (Python, Java, YAML)

Special Factors

Sponsorship

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.