FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Application Security Pentester, Specialist
VanguardApplication Security Pentester executing penetration tests and security assessments at Vanguard. Collaborating with IT and business teams to enhance the organization’s overall security posture.
Posted 6/19/2026full-timeMalvern • North Carolina, Pennsylvania, Texas • 🇺🇸 United StatesMid-LevelSeniorWebsite
Tech Stack
Tools & technologiesCloudJavaPython
About the role
Key responsibilities & impact- Leads and executes penetration tests across a variety of technologies, including web applications, APIs, and AI-enabled systems.
- Performs manual and automated testing to identify, exploit, and validate vulnerabilities.
- Conducts other security assessments as needed, including Secure Code Reviews and/or Dynamic Application Security Testing (DAST).
- Develops detailed assessment reports and presents findings to technical teams and leadership.
- Coordinates security risk reporting and collaborates with IT sub-divisions, third-party partners, and business units to identify the impact of technology implementations on IT and business operations.
- Contributes to the evolution of team processes, testing methodologies, standards, and best practices.
- Maintains subject-matter expertise in common vulnerability classes and attack techniques (e.g., OWASP Top 10, OWASP Top 10 API, SANS Top 25), and remains familiar with relevant security frameworks (e.g., MITRE ATT&CK).
- Stays current on emerging threats, tools, and offensive security techniques.
- Participates in special projects and performs other duties as assigned.
Requirements
What you’ll need- Minimum five years related work experience with three years experience in IT security or application development.
- Undergraduate degree in related field or equivalent combination of training and experience.
- Hands-on experience performing web application, API, and network penetration testing.
- Preferred experience with Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tooling.
- Experience in on or more of the following a plus: cloud penetration testing, mobile penetration testing, AI red teaming.
- Proficiency in at least one programming or scripting language (e.g., Python, Java).
- Preferred security certifications such as OffSec Certified Professional (OSCP), OffSec Web Assessor (OSWA), OffSec Web Expert (OSWE), GIAC Penetration Tester (GPEN), or GIAC Web Application Penetration Tester (GWAPT).
Benefits
Comp & perks- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development opportunities
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
penetration testingmanual testingautomated testingSecure Code ReviewsDynamic Application Security TestingStatic Application Security Testingweb application testingAPI testingnetwork penetration testingprogramming
Soft Skills
leadershipcollaborationcommunicationreportingprocess improvement
Certifications
OffSec Certified ProfessionalOffSec Web AssessorOffSec Web ExpertGIAC Penetration TesterGIAC Web Application Penetration Tester