Technology Consulting-DT Cyber Defense Senior

Mumbai, Maharashtra, India

Applications have closed

KPMG India

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.

Job Description:

We are seeking a meticulous and experienced Secure Source Code Reviewer to join our team. The ideal candidate will have a strong background in software development, secure coding practices, and a keen eye for identifying security vulnerabilities within source code. This role involves reviewing and analyzing source code to ensure that security best practices are followed and to help mitigate potential security risks.

Key Responsibilities:

• Conduct Code Reviews: Perform detailed reviews of source code to identify security vulnerabilities, coding errors, and non-compliance with security standards.
• Security Assessment: Evaluate code for common security issues such as injection flaws, cross-site scripting (XSS), broken authentication, and other OWASP Top 10 vulnerabilities.
• Recommendations: Provide actionable recommendations to developers on how to remediate identified vulnerabilities and improve overall code security.
• Collaboration: Work closely with development teams to understand application functionality and offer guidance on secure coding practices.
• Documentation: Document findings and create detailed reports outlining security vulnerabilities, risk levels, and remediation steps.
• Training: Assist in developing and delivering secure coding training sessions for development teams.
• Stay Updated: Keep up-to-date with the latest security threats, vulnerabilities, and technology trends to ensure the organization’s code remains secure.

Qualifications:

• Education: Bachelor’s degree in Computer Science, Information Security, or a related field.
• Experience: Minimum of 3-5 years of experience in software development, with a strong emphasis on secure coding practices.
• Skills:
  o Proficient in one or more programming languages (e.g., Java, C#, Python, JavaScript).
  o In-depth knowledge of security principles and practices.
  o Familiarity with static and dynamic code analysis tools.
  o Understanding of web application security concepts and protocols.
  o Strong analytical and problem-solving skills.
  o Excellent communication skills, both written and verbal.
  o Ability to work independently and as part of a team.

Preferred Qualifications:

• Certifications: Relevant security certifications such as CEH, Certified Secure Software Lifecycle Professional (CSSLP)
• Experience: Previous experience in a similar role within a cybersecurity or software development environment.
• Tools: Experience with security tools such as SonarQube, Checkmarx, Fortify, or similar.
• Knowledge: Familiarity with secure coding frameworks and standards such as OWASP, SANS, and CERT.

Equal employment opportunity information 


KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Category: Consulting Jobs

Tags: Application security C CEH CERT Checkmarx Code analysis Compliance Computer Science CSSLP Cyber defense Java JavaScript OWASP Python SANS Scripting Security assessment SonarQube Vulnerabilities XSS

Region: Asia/Pacific
Country: India
