Secure Developer Experience Specialist jobs in United States

Vanguard · 16 hours ago

Secure Developer Experience Specialist

Vanguard is a leading investment management company focused on the long-term financial well-being of its clients. They are seeking a Secure Developer Experience Specialist to design and maintain a secure developer scorecard, engage with the developer community, and promote secure coding practices within the organization.

Finance, Financial Services
No H1B

Responsibilities

Design and Maintain the Secure Developer Scorecard: Lead the creation, evolution, and ongoing management of a secure developer scorecard that measures developer successes and failures in secure coding practices. Ensure the scorecard reflects key metrics such as vulnerability prevention, SDLC adherence, time spent on secure coding, and alignment with Vanguard-specific expectations
Discover and Address Developer Community Bottlenecks: Proactively engage with the developer community to identify bottlenecks, frustrations, and barriers that delay code merges to production or lead to the dismissal of secure coding governance. Analyze feedback and data to pinpoint areas for improvement
Lead Developer Engagement and Feedback Loops: Facilitate regular sessions with developers to listen, gather insights, and foster open dialogue about secure development challenges. Serve as a trusted advocate for developers, ensuring their voices are heard in enterprise security initiatives
Build Business Cases for Secure Development Process Improvements: Translate developer feedback and scorecard insights into actionable business cases for process, tooling, or cultural changes. Present recommendations to leadership with a focus on business value, profitability, and measurable outcomes
Conduct Learning and Awareness Activities: Develop and deliver targeted learning sessions, workshops, and awareness campaigns to promote secure coding practices and SDLC governance within the developer community

Qualification

Secure software development, Application security, Software Development Life Cycle, CISSP certification, CSSLP certification, Python, Java, C#, Developer enablement, Secure coding principles, Cloud environments, Vulnerability management, Secure development frameworks

Required

Minimum 8 years of related work experience, with at least 3 years in IT security or application development
Undergraduate degree in Computer Science, Information Technology, Cybersecurity, Information Systems, or related field. Alternatively, candidates with a non-technical degree or no degree but substantial relevant experience will be considered
Minimum of 2+ years of professional experience in secure software development, application security, or developer enablement roles
Alternatively, 5+ years of experience in cybersecurity, security awareness, or enterprise application risk management may substitute for direct developer experience
Direct developer experience is not strictly required. However, candidates must demonstrate: Rudimentary coding capability (e.g., able to read, write, and understand code in at least one major programming language such as Python, Java, or C#)
High-level understanding of the Software Development Life Cycle (SDLC), secure coding principles, and the challenges faced in enterprise application development
Familiarity with common developer workflows, tools, and bottlenecks
Highly respected certifications: CISSP, CSSLP. Desired: Security+ or equivalent foundational security certification. Considered: SSAP or similar credentials, especially for candidates with a background in security awareness and developer enablement
Candidates lacking direct developer experience but possessing a strong background in cybersecurity awareness, secure development advocacy, or enterprise change management will be strongly considered

Preferred

Experience with any of the following is a plus: Using Wiz dashboards or similar tools for extracting insights and informing project decisions
Qualys, CloudFleet, or other vulnerability management platforms
AWS, Azure, GCP, or OCI cloud environments
Secure code training platforms
Familiarity with secure development frameworks (e.g., NIST SSDF, OWASP SAMM, SLSA)
Developer productivity platforms, code analysis tools, or IDE security controls

Benefits

Comprehensive health and wellness care
Work-life balance
An investment in your future

Company

Vanguard

Vanguard is a client-owned investment company that offers low-cost mutual funds, ETFs, advice, and related services.

Funding

Current Stage
Late Stage
Total Funding
unknown
Key Investors
2017-03-31: Non Equity Assistance

Leadership Team

Salim Ramji
Chief Executive Officer
Andrew Maack
Principal, Head of US Equity Index Portfolio Management
Company data provided by crunchbase