Systems Engineer -Web Application Penetration Tester: Vanguard Group

This will be HYBRID (3 days week), expected to be in the office on Tuesday/Weds/Thursday and remote the other two days.

Duration : 12 months

NEED DOB ( MM/DD)

NEED SSN ( LAST 4 DIGITS )

NEED LINKEDIN

NO VIOP OR GOOGLE VOICE NUMBERS PLEASE

NEED DL COPY

Must haves:

* 5-8 years experience

they need senior hands on pentester

* Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON).

* Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities.

* Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws.

* Experience developing actionable intelligence based on open source intelligence (OSINT) gathering.

* Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc.

* Solid understanding of OWASP testing methodology.

* 3+ years of experience using Burp Suite Pro or equivalent application (e.g. ZAP).

* Web application development or source code review experience.

* Strong knowledge of Windows and Linux operating systems.

* Working knowledge of containerized applications and container-based security controls and configurations.

* Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)