Consulting - Cyber - KDN - Consultant - Penetration Testing (AUS)
Bangalore, Karnataka, India
KPMG India
KPMG is a global network of professional firms providing Audit, Tax and Advisory services.We are recruiting candidates with 3-6 years of relevant prior experience in penetration testing.
Primary Technical Skills
- Web application penetration testing
- API penetration testing
- Network penetration testing
- Vulnerability assessments
Additionally, knowledge of mobile application pentesting, application security, vulnerability management, configuration reviews, security operations and monitoring or security architecture design would be an added advantage.
Behavioral / team skills
- Personal drive and positive work ethic to deliver results within tight deadlines and in demanding situations.
- Flexibility to adapt to a variety of engagement types, working hours and work environments and locations.
- Excellent written and verbal communication skills.
- Ability to think outside of the box and provide actionable solutions to challenges.
- Team player; self-driven and ability to work independently.
Roles and Responsibilities:
- Perform manual penetration testing against web applications, API’s (REST/SOAP) and network devices.
- Ability to demonstrate application testing experience in real time via demos to both internal and external audiences.
- Knowledge and experience of OWASP guidelines and methodologies.
- Ability to independently provide technical updates to stakeholders and mentor team members.
- Engage with technical and non-technical audiences to articulate both testing processes, techniques and results; guide technical audiences on remediation options and assist clients in weighing those options.
- Partner with the Cyber teams to develop new testing techniques, automation for testing and marketing collateral to support the practice and support junior team members on tools and techniques in performing tests.
- Excellent technical report writing skills and ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations.
Qualifications
- Minimum 3 years of recent experience in penetration testing of web applications, API or network devices.
- Bachelor’s degree in an appropriate field from an accredited college/university or equivalent industry experience.
- One or more relevant certifications preferred: CEH, OSCP, GWAPT, CREST, OSWE, OSWA.
- Toolset knowledge: Burp Suite, Nessus, Nmap, Kali OS.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Automation Burp Suite CEH CREST GWAPT Kali Monitoring Nessus Nmap OSCP OSWE OWASP Pentesting Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.