Duties and Responsibilities
Lead hands-on container security efforts across AWS environments (ECS, EKS, and Serverless), including image scanning, runtime visibility, and risk remediation.
Utilize Wiz to assess and remediate container, cloud configuration, and workload risks across build and runtime environments with risk-based prioritization.
Drive implementation and maturity of container security controls, including coverage, enforcement, and operational monitoring.
Assess vulnerabilities across container images, dependencies, and deployment pipelines, and drive remediation with engineering teams.
Develop and implement strategies to secure cloud-native workloads with a focus on containers and serverless architectures across AWS, extending consistent security controls to other cloud platforms (Azure, GCP) where applicable.
Partner with platform and engineering teams to ensure secure configurations, hardened base images, and consistent runtime protection.
Identify and execute automation opportunities to improve container security processes and reduce manual effort.
Leverage AI/ML-driven capabilities to enhance container and cloud threat detection, enable risk-based prioritization, and support automated remediation across build and runtime environments.
Gather and report metrics to provide visibility into container security posture and program maturity.
Provide guidance and training on secure container development, image hygiene, and deployment best practices.
Maintain documentation for container security processes, tools, and standards.
Qualifications
Undergraduate degree in a related field or equivalent experience.
Strong hands-on experience securing containerized environments in AWS (ECS/EKS) and serverless workloads, with working knowledge of container platforms in other cloud providers (Azure AKS, GCP GKE)
Experience with Wiz for container, cloud, and configuration risk visibility and remediation.
Strong understanding of container lifecycle, image management, and runtime security concepts.
Experience with CI/CD pipelines, cloud-native architectures, and deployment processes.
Experience with application security tools (SAST, SCA, IAST, DAST) is a plus.
Familiarity with industry frameworks such as NIST, OWASP, and MITRE.
Relevant certifications in cloud, containers, or DevSecOps are a plus.
Special Factors
Sponsorship
Vanguard is not offering visa sponsorship for this position.About Vanguard
At Vanguard, we don't just have a mission—we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
Based on 1,678 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $181K (10th–90th percentile: $95K–$216K).
See the full Security salary breakdown →