Systems Engineer -Web Application Penetration Tester: Vanguard Group

This will be HYBRID (3 days week), expected to be in the office on Tuesday/Weds/Thursday and remote the other two days. Duration : 12 months NEED DOB ( MM/DD) NEED SSN ( LAST 4 DIGITS ) NEED LINKEDIN NO VIOP OR GOOGLE VOICE NUMBERS PLEASE NEED DL COPY Must haves: 5-8 years experience they need senior hands on pentester Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON). Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities. Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws. Experience developing actionable intelligence based on open source intelligence (OSINT) gathering. Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc. Solid understanding of OWASP testing methodology. 3 years of experience using Burp Suite Pro or equivalent application (e.g. ZAP). Web application development or source code review experience. Strong knowledge of Windows and Linux operating systems. Working knowledge of containerized applications and container-based security controls and configurations. Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)