- Home
- Remote Jobs
- Software Supply Chain Security Specialist
Date Posted
Yesterday
New!Remote Work Level
Hybrid Remote
Location
Hybrid Remote in Dallas, TX, Fort Worth, TX, Malvern, PA, Malvern, NC
Job Schedule
Full-Time
Salary
We're sorry, the employer did not include salary information for this job.
Benefits
Professional/Career Development
Categories
Cyber Security, Product Manager, Project Manager, Software Engineer, Back End Developer, Developer, Front End Developer, Web Developer, Java Developer, Python
Job Type
Employee
Career Level
Experienced
Travel Required
No Specification
Education Level
We're sorry, the employer did not include education information for this job.
About the Role
Title: Software Supply Chain Security Specialist
Locations: Malvern, PA
Charlotte, NC
Dallas/Ft. Worth, TX
time type
Full time
Hybrid
job requisition id
179432
Job Description:
Core Responsibilities
-
Define and own enterprise software supply chain security strategy, roadmap, and governance
-
Establish policies and guardrails for SBOM, artifact signing, provenance, and dependency usage
-
Embed security controls across SDLC, CI/CD pipelines, and artifact repositories
-
Implement and enforce SBOM generation, validation, and artifact integrity controls
-
Collaborate with stakeholders and lead risk-based vulnerability management for open-source and third‑party components
-
Collaborate with stakeholders and define remediation workflows, SLAs, and exception handling for supply chain risks
-
Own tooling strategy for SCA, container scanning, and supply chain security automation
-
Integrate and optimize security tooling within CI/CD for scalable enforcement
-
Maintain inventory and visibility of dependencies, SBOMs, and third-/fourth-party exposure
-
Partner with AppSec, DevSecOps, and platform teams to drive secure development adoption
-
Enable developers via playbooks, guardrails, and self-service secure consumption patterns
-
Define metrics and report on supply chain risk posture, remediation effectiveness, and maturity
Nice-to-Have
-
Experience with AI/ML pipeline security
-
Exposure to AIBOM / advanced SBOM evolution
-
Knowledge of zero-trust supply chain models
Qualifications
-
Minimum of five years related work experience.
-
Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.
-
7–10+ years in AppSec / DevSecOps / platform security
-
Hands-on experience with SCA + pipeline security
-
Certifications preferred (CISSP, CSSLP, AAISM or equivalent etc.)
-
Programming/scripting (Python, Java, YAML)
Special Factors
Sponsorship
Vanguard is not offering visa sponsorship for this position.
About Vanguard
At Vanguard, we don't just have a mission—we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.