KGS | EWT Security | Security Technical Assessment Analyst - Assistant Manager

Pune, Maharashtra, India

Applications have closed

KPMG India

Welcome to KPMG International.

View all jobs at KPMG India

The role involves supporting the end-to-end Security Technical Assessment service. The security Technical Assessments service helps defend KPMG and its clients by ensuring Security Technical assessments of KPMG information assets are performed and pro-actively driving findings and remediations in conjunction with Enterprise wide and Technology engineering teams, in alignment with KPMG risk objectives.

The Security Technical Assessment Analyst will:

  • Work collaboratively with internal stakeholders and external 3rd parties to 
    • perform security technical configuration reviews, 
    • perform security technical assessments, 
    • support the delivery of security testing across the software development lifecycle on technology solutions & services,
    • proactively manage the end-to-end penetration testing process for technology solutions,
    • provide risk-based pragmatic technical security advice and recommendations.
  • Lead on internal red team exercises to
    • Coordinate Red Team Operations: Oversee the planning, execution, and reporting of red team exercises to identify vulnerabilities and improve the organization’s security posture. Ensure alignment with industry standards and best practices. 
    • Develop and Implement Strategies: Create and maintain comprehensive red team strategies, including threat modelling, attack simulations, and penetration testing. Collaborate with other security teams to integrate findings into the overall security framework.
    • Foster a culture of continuous improvement and innovation within the team to stay ahead of emerging threats.
  • Maintain good relationships with internal stakeholders and ensure customer satisfaction, by delivering quality service and escalation of issues as necessary.
  • Influence colleagues to drive technical remediation in a collaborative manner in line with KPMG risk appetite.
  • Identify and drive security technical assessments service improvements, especially using automation.
  • Provide advice to security technical assessments service owner on ways to improve control mechanisms, identify, evaluate, and mitigate risks,
  • Provide analysis on trends and proactively highlight issues and areas of concern.
  • Create any required documentation to support the security technical assessment conducted.
  • Maintain and update service documentation, such as process guides.
  • Assist with reporting to leadership and other service stakeholders on service performance (against KPIs) and risk exposure (against KRIs).

 

 

You must have:

  • Very good and relevant experience in a similar security technical assessment analysis and red team testing role.
  • Understanding of tooling associated with security technical assessments such as AWS Config, Azure Policy, Static Application Security Testing and Dynamic Application Security Testing.
  • Experience and knowledge in security technical assessments of applications and infrastructure within the Cloud, such as AWS and Azure.
  • Experience working with external penetration testing vendors.
  • Experience of successfully working in a fast paced, customer service environment, delivering high quality information security services. 

 

It would be advantageous if you can demonstrate some, or all:

  • Experience and knowledge of container or serverless platforms.
  • PowerShell scripting
  • Any security or vulnerability management product certification.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Application security Automation AWS Azure Cloud DAST KPIs Pentesting PowerShell Red team SAST Scripting SDLC Vulnerabilities Vulnerability management

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.