What is your track record in penetration testing, vulnerability management, or application security engineering?