Provides expert level technical support for cyber threats and threat attack methodologies. Collects and analyzes system data to identify, contain, mitigate, and recover from cyber security threats or incidents. Conducts research and gathers information from global threat intelligence sources, pertaining to emerging cyber threats and threat attack methodologies.Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.We're seeking a highly skilled and motivated offensive security professional with a passion for Red Teaming and adversarial simulation. This role is ideal for someone who thrives on uncovering weaknesses in complex systems, particularly across web applications and cloud infrastructure, and who can think like an attacker to help us stay ahead of evolving threats.Key Responsibilities:Lead and execute advanced web application penetration tests and cloud-focused Red Team engagements simulating real-world adversaries.Identify, exploit, and document vulnerabilities in web apps, APIs, and cloud platforms (AWS, Azure, GCP), delivering actionable risk assessments and remediation guidance.Design and conduct adversarial simulations to test detection and response capabilities across hybrid environments.Collaborate with development, cloud, and security engineering teams to harden applications and infrastructure.Develop and maintain custom tools, scripts, and payloads to support Red Team operations and web/cloud exploitation.Produce detailed, high-impact reports and debriefs for both technical and executive audiences.Stay ahead of the curve by researching emerging threats, TTPs, and vulnerabilities relevant to web and cloud ecosystems.Contribute to threat modeling, purple team exercises, and incident response investigations.Mentor junior team members and foster a culture of continuous learning and offensive innovation.Required Qualifications:Proven experience in Red Team operations, adversary emulation, or advanced penetration testing.Deep expertise in web application security, including OWASP Top 10, authentication/authorization, session management, and input validation.Strong hands-on experience with cloud platforms (AWS, Azure, GCP) and their security models.Proficiency with offensive tooling such as Burp Suite, Cobalt Strike, Metasploit, custom scripts, and cloud-native attack tools.Demonstrated ability to exploit vulnerabilities such as SQLi, XSS, CSRF, SSRF, RCE, XXE, IDOR, and privilege escalation in cloud environments.Familiarity with frameworks like MITRE ATT&CK, PTES, and NIST 800-115.Strong scripting/programming skills (Python, PowerShell, Bash, JavaScript) for automation and exploit development.Excellent communication skills and the ability to clearly articulate complex findings to diverse audiencesOffensive Security Certified Professional (OSCP) requiredPreferred Certifications:OSWE (Offensive Security Web Expert) OSEP (Offensive Security Experienced Penetration Tester) techniques.CRTO (Certified Red Team Operator) GXPN (GIAC Exploit Researcher and Advanced Penetration Tester) GCPN (GIAC Cloud Penetration Tester) Additional Skills (Preferred but not Required):Cloud-native attack simulation: Experience with adversary emulation in AWS, Azure, or GCP using tools like Pacu, CloudGoat, or custom scripts.Detection evasion and stealth techniques: Familiarity with bypassing EDR, WAFs, and other security controls during Red Team operations.Purple teaming collaboration: Ability to work closely with Blue Teams to improve detection and response through collaborative exercises.CI/CD pipeline exploitation: Understanding of how to identify and exploit weaknesses in DevOps workflows and build systems.Knowledge of identity and access abuse: Skills in abusing SSO, OAuth, SAML, and misconfigured IAM roles or policies.Experience with threat intelligence: Ability to incorporate real-world TTPs from APT groups or threat actors into Red Team scenarios.Special FactorsSponsorshipVanguard is not offering visa sponsorship for this position.About VanguardAt Vanguard, we don't just have a mission--we're on a mission.To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.How We WorkVanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
...KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative...
...and presentations to ensure accuracy and timeliness.~Support various administrative tasks and back-office functions, including data entry and document management in CRM, SharePoint, and other corporate systems (both physical and digital), to facilitate smooth office...
...Our ideal location is New York, but we are open to other remote locations. As the Americas Banking Go-to-Market Leader, you will drive the go-to-market strategy for the United States, Canada, and South America. You will play a pivotal role in accelerating growth...
...General Overview As an ultrasound technician, you are responsible for getting clear imaging results, which requires proper use of the... ...you can provide answers and assistance. Job Description Travel to various healthcare sites in the area Perform diagnostic exams...
...Job Description GardaWorld Security Services is Now Hiring a Surveillance Security Officer! Ready to suit up as a Surveillance Security Guard? What matters most about a role like this is your sharp eye, capturing every detail as you scan a series of screens. Tell...