Title: Senior Security Assurance Specialist
Location:
Charlotte, NC
Dallas/Ft. Worth, TX
Malvern, PA
Scottsdale, AZ
Job Description:
The Security Assurance Specialist III leads the end‑to‑end coordination and execution of application and infrastructure security risk assessments, ensuring consistent, timely, and high‑quality identification of cybersecurity risks and vulnerabilities. The role partners closely across cybersecurity, IT engineering teams, and business stakeholders to enable effective risk and vulnerability management across the enterprise.
Acting as the central assessment orchestration function, the specialist manages assessment intake, prioritization, scheduling, documentation, execution tracking, reporting, and vulnerability workflow oversight. The role blends deep cybersecurity risk expertise with strong program and project management discipline, leveraging Agile and Scrum‑based practices to meet defined SLAs, quality standards, and reporting expectations.
The Security Assurance Specialist III provides expert‑level technical guidance in evaluating and strengthening the security posture of Vanguard’s systems, architectures, and configurations. This role coordinates and leads comprehensive security assessments, validates risk findings, and supports remediation strategies across critical business applications, infrastructure, networks, and web platforms. Through close collaboration with technology and business partners, the specialist influences secure solution design, drives strategic security improvements, and supports the continuous maturation of Vanguard’s security capabilities.
• *this Hybrid Role (in office Tues-Wed-Thurs) is based in Charlotte, NC, Dallas, TX, or Malvern, PA**
Key Responsibilities:
Provide programmatic support and coordination for application and infrastructure security assessments.
Own and manage the assessment lifecycle from intake through final reporting and closure.
Coordinate assessment scheduling across multiple concurrent engagements, balancing priorities, dependencies, and resource availability.
Partner with application teams, infrastructure owners, and product stakeholders to gather pre‑assessment information, technical documentation, architecture diagrams, and required artifacts.
Ensure assessment scope, assumptions, and prerequisites are clearly defined and validated prior to execution.
Engage and coordinate assessment resources across cybersecurity and relevant IT divisions (e.g., engineering, infrastructure, cloud, platform teams).
Act as the primary point of coordination between assessment teams and technology stakeholders to resolve scheduling conflicts, clarify requirements, and manage expectations.
Facilitate effective communication across technical and non‑technical audiences, ensuring transparency of status, risks, and dependencies.
Escalate risks, delays, or resource constraints in a timely and structured manner.
Ensure accurate and timely tracking of assessment activities, milestones, and deliverables leveraging enterprise toolsets and applications.
Maintain high data quality standards for assessment records, findings, vulnerabilities, and workflow states in assessment and vulnerability tracking platforms.
Coordinate the publication of draft and final assessment reports, ensuring appropriate review cycles, approvals, and distribution to stakeholders.
Support audit‑ready documentation and traceability across assessments, findings, and risk decisions.
Support the collection, review, and routing of identified vulnerabilities through defined remediation, exception, or risk acceptance workflows.
Coordinate vulnerability review and acceptance processes with technology owners, risk stakeholders, and governance bodies.
Ensure vulnerabilities are properly documented, tracked, and dispositioned in alignment with enterprise risk standards and timelines.
Monitor remediation progress and support reporting on overdue, at‑risk, or escalated items.
Support the collection, analysis, and reporting of assessment program metrics, including throughput, cycle time, backlog, and SLA adherence.
Produce regular operational and management reporting to support capacity planning, prioritization, and performance transparency.
Identify trends, bottlenecks, and improvement opportunities across the assessment lifecycle.
Contribute to the continuous improvement of assessment processes, tooling, templates, and operating procedures.
Apply program and project management best practices to manage complex, multi‑workstream assessment activities.
Maintain assessment roadmaps, intake queues, and execution plans aligned to business and technology priorities.
Leverage Agile and Scrum‑style practices where appropriate, including backlog management, sprint planning, stand‑ups, retrospectives, and dependency tracking.
Act as a Scrum Master‑like facilitator for assessment delivery, removing impediments and enabling teams to operate efficiently.
Support change management, stakeholder commun