Senior Application Security Architect
Vanguard
The Senior Application Security Architect is responsible for the reliability, resilience, and operational excellence of Vanguard’s Application Security platforms. This role drives SRE best practices, leads incident and postmortem processes, and evolves the architecture to ensure secure, stable, and scalable services. As a hands-on technical leader, you will partner closely with developers, DevSecOps teams, and platform owners to elevate secure engineering practices and enhance the overall developer experience.
**This hybrid role (in office Tues-Wed-Thurs) is based in Charlotte, NC, Dallas, TX, or Malvern, PA (HQ).**
Responsibilities:
Operational Excellence & Reliability:
- Own operational health for Application Security platforms, including SLIs/SLOs, error budgets, and reliability dashboards.
- Lead incident response, postmortems, and root cause analysis; ensure corrective actions are implemented.
- Govern SLA/PLA compliance and maintain operational readiness across AppSec services.
- Develop, test, and maintain incident response and continuity plans for Application Security operations.
Developer Experience & Technical Enablement:
- Partner with developers through pair programming, coaching, and secure coding enablement.
- Integrate DevEx and CSAT insights into dashboards to improve developer and client experiences.
- Continuously evaluate DevSecOps tools, workflows, and architectures to eliminate friction and improve efficiency.
- Create feedback loops with the developer community to drive iterative enhancements to DevSecOps processes and tooling.
Architecture, Tooling & Platform Strategy:
- Strengthen resilience and scalability of AppSec tools, orchestration platforms, and assurance workflows.
- Assess and optimize scanning coverage, identifying gaps and recommending new tools and processes.
- Guide teams on integrating security into CI/CD pipelines using industry best practices.
- Support modernization initiatives, including AI/ML scanning, software supply chain security, and unified vulnerability management.
Leadership & Strategic Influence:
- Govern SOPs for all Application Security services and drive standardization across the organization.
- Collaborate with ES&F, CTO pipeline teams, and DevSecOps leadership on short- and long-term strategy.
- Identify automation opportunities to expand scale, reduce toil, and improve reliability.
- Provide thought leadership, contribute to Agile planning, and support enterprise-wide transformation efforts.
Qualifications
10+ years of related experience, including at least 3 years in an architect-level role.
Bachelor’s degree in a related field, or equivalent combination of training and experience.
Strong proficiency in at least one modern programming language.
Deep understanding of application development, build processes, and deployment pipelines.
Experience with cloud platforms and serverless architectures (AWS preferred).
Hands-on experience with CI/CD pipelines and Application Security scanning tools.
Relevant certifications in application development, security, DevSecOps, or cloud are a plus.