Senior Cloud Security Engineer

Core Responsibilities Defines and owns the technical architecture for CSPM tooling, automation platforms, and integration frameworks — ensuring they scale reliably across thousands of cloud accounts and multiple business units. Designs system-level patterns (event-driven pipelines, API contracts, data models) that other engineers build on — establishing the foundational approach for how security findings flow from detection through prioritization to remediation.

Drives architectural decisions on platform extensibility, service boundaries, and data ownership — balancing near-term delivery against long-term maintainability as the program grows. Architects auto-remediation and shift-left enforcement systems that operate at org scale — designing for fault tolerance, auditability, and graceful degradation when upstream systems change.

Evaluates and selects tooling, frameworks, and integration patterns that the broader team adopts — owning the technical standards for how CSPM systems connect to enterprise infrastructure (CI/CD, CMDB, ITSM, identity providers). Partners with engineering leadership across Platform, DevOps, SRE, and application security teams to align on shared interfaces, data contracts, and remediation workflows that reduce friction at organizational boundaries.

Leads technical design reviews and mentors engineers on the team — raising the bar on code quality, system thinking, and operational readiness. Shapes the technical roadmap for AI-assisted security capabilities — evaluating where machine learning and LLM-based automation can meaningfully reduce risk or operational burden, and architecting the systems to deliver them.

Qualifications Minimum of five years related work experience required, with two years experience in cloud security preferred. Undergraduate degree in a related field or the equivalent combination of training and experience. Proficiency in Python, Go or TypeScript - production-grade, not just scripting Strong background in distributed systems concepts: event-driven architectures, async processing, API design, observability Hands-on experience across at least one of: AWS, GCP, Azure — at the level of org-wide account structures, landing zones, and cross-account security patterns and IAM at scale.

Track record of influencing technical direction beyond your immediate team Special Factors Sponsorship Vanguard is not offering visa sponsorship for this position. About Vanguard At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.