Systems Engineer -Web Application Penetration Tester: Vanguard Group
Remote
Job Description
This will be HYBRID (3 days week), expected to be in the office on Tuesday/Weds/Thursday and remote the other two days.
Duration : 12 months
NEED DOB ( MM/DD)
NEED SSN ( LAST 4 DIGITS )
NEED LINKEDIN
NO VIOP OR GOOGLE VOICE NUMBERS PLEASE
NEED DL COPY
Must Haves
Duration : 12 months
NEED DOB ( MM/DD)
NEED SSN ( LAST 4 DIGITS )
NEED LINKEDIN
NO VIOP OR GOOGLE VOICE NUMBERS PLEASE
NEED DL COPY
Must Haves
- 5-8 years experience
- Experience in testing web-based APIs (i.e. REST, SOAP, XML, JSON).
- Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities.
- Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws.
- Experience developing actionable intelligence based on open source intelligence (OSINT) gathering.
- Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
- Solid understanding of OWASP testing methodology.
- 3+ years of experience using Burp Suite Pro or equivalent application (e.g. ZAP).
- Web application development or source code review experience.
- Strong knowledge of Windows and Linux operating systems.
- Working knowledge of containerized applications and container-based security controls and configurations.
- Possess current professional certification (i.e. GWAPT, OSCP, OSCE, GPEN)