
Supply Chain Security Specialist

Job in Malvern, Hot Spring County, Arkansas, 72104, USA
Listing for: hackajob
Full Time position
Listed on 2026-06-25
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 100000 - 130000 USD Yearly

Job Overview

The Software Supply Chain SME serves as the technical authority responsible for securing the end-to-end software supply chain, ensuring the integrity, provenance, and risk posture of all code, dependencies, and artifacts across the SDLC. This role defines and enforces security standards, integrates controls within CI/CD pipelines, and leads enterprise initiatives such as SBOM adoption, artifact signing, and open-source risk management. The SME partners with AppSec, DevSecOps, and engineering teams to embed secure development practices, drive vulnerability remediation, and enhance developer enablement—while providing governance, metrics, and strategic guidance to reduce supply chain risk at scale.

Core Responsibilities
  • Define and own enterprise software supply chain security strategy, roadmap, and governance
  • Establish policies and guardrails for SBOM, artifact signing, provenance, and dependency usage
  • Embed security controls across SDLC, CI/CD pipelines, and artifact repositories
  • Implement and enforce SBOM generation, validation, and artifact integrity controls
  • Collaborate with stakeholders and lead risk-based vulnerability management for open-source and third‑party components
  • Collaborate with stakeholders and define remediation workflows, SLAs, and exception handling for supply chain risks
  • Own tooling strategy for SCA, container scanning, and supply chain security automation
  • Integrate and optimize security tooling within CI/CD for scalable enforcement
  • Maintain inventory and visibility of dependencies, SBOMs, and third-/fourth-party exposure
  • Partner with AppSec, DevSecOps, and platform teams to drive secure development adoption
  • Enable developers via playbooks, guardrails, and self-service secure consumption patterns
  • Define metrics and report on supply chain risk posture, remediation effectiveness, and maturity
Nice-to-Have
  • Experience with AI/ML pipeline security
  • Exposure to AIBOM / advanced SBOM evolution
  • Knowledge of zero-trust supply chain models
Qualifications
  • Minimum of five years related work experience.
  • Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.
  • 7–10+ years in AppSec / DevSecOps / platform security
  • Hands‑on experience with SCA + pipeline security
  • Certifications preferred (CISSP, CSSLP, AAISM, or equivalent)
  • Programming/scripting (Python, Java, YAML)
Special Factors

Vanguard is not offering visa sponsorship for this position.
