Ethical Hacker Jobs

About The Position

Requirements

• Minimum four years related work experience.
• Undergraduate degree in related field or equivalent combination of training and experience.

Nice To Haves

• Experience in IT security or application development preferred.
• Preferred security certification such as ISC2 CISSP, GIAC Security, Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)

Responsibilities

• Conducts security assessments to measure the adequacy of existing information security controls. Identifies potential and actual system vulnerabilities and emerging strategic security needs, and recommends corrective measures.
• Consults with IT sub-divisions, third party partners, and business units in defining standard consistent reporting formats and providing standard data reports.
• Participates and documents evaluation and assessment of security requirements for data systems, networks, or websites.
• Leads technical support for assessments of assets, risks, and the implementation of appropriate data security procedures and products.
• Assists in the review, development, testing, and implementation processes for security plans, risk assessments, products and control techniques.
• Administers asset inventory and assessment schedules, and provides metrics on security consulting resources, assists with managing vendor relationships.
• Participates in special projects and performs other duties as assigned.
• Led hands-on application security execution across SAST, SCA, and DAST, using prior experience to guide the team and consistently deliver on critical priorities.
• Drove onboarding and configuration of Application Security(AppSec) scanning tools for SAST, SCA across CI/CD environments, including authentication setup and integration with target applications.
• Designed and refined DAST, API, Containers security requirements and architecture patterns, aligning with enterprise design principles and emerging threat models.
• Performed deep vulnerability analysis and remediation guidance, working directly with developers to resolve issues efficiently across the SDLC.
• Advanced Application Security modernization efforts, bringing external AppSec expertise while applying strong knowledge of internal Vanguard processes to modernize SAST, SCA, and onboarding DAST tooling.
• Focused on automation, metrics, and developer experience, improving AppSec coverage, reporting maturity, and reducing friction for engineering teams.