Cyber Defence Services - Consultant
London
Job title: Cyber Defence Services - Consultant
Location: UK
Line of Business: Advisory - Risk Consulting
Service Area: Cyber Security
Roles and Responsibilities
The Role
At KPMG we are looking for a Consultant who lives and breathes hacking and information security. You will be ready to jump into delivering CHECK work, and assessments across the private sector.
In return we will provide some of the UK’s most unique government and commercial engagements for you to cut your teeth on and a friendly, passionate team to develop and grow.
The Team
KPMG’s Cyber Defence (CDS) Team conducts client-facing technical assurance and penetration testing and has a long and successful history in KPMG. Our clients are diverse and we cover many sectors, with particular specialisms in Financial Services, High-end Defence Assurance and Telecommunications. We work closely with the NCSC developing new schemes such as Cross Domain Solutions Testing (https://www.ncsc.gov.uk/blog-post/ncsc-cross-domain-industry-pilot-stage-2) and are members of all current NCSC and CREST testing schemes. As a result, we conduct interesting and challenging work that isn’t on offer elsewhere.
Our team is made up of skilled individuals at different stages in their careers, centred around three locations in Leeds, Bristol and London. We are therefore able to offer flexibility in base location, as well as embracing remote working.
What will you be doing?
HACKING!
Learning and developing penetration testing skills in: Infrastructure, Application (web, mobile, desktop), Cloud and AI. Working through a clear and defined certification pathway.
Delivering penetration tests to some of our most prestigious clients through well established frameworks.
Collaborating with senior testers to identify vulnerabilities and simulate real-world attack scenarios.
Documenting findings in clear, actionable reports to help clients enhance their posture.
Staying up to date with the latest trends, tooling and techniques to continuously improve testing approaches.
What will you need to do it?
Some demonstrable practical experience in penetration testing and vulnerability assessments
Understanding of common vulnerabilities and how to exploit or mitigate them.
Basic knowledge of network security, application security and cloud security principles.
A passion for all things hacking and the drive to learn more.
Excellent communication and report writing skills.
Skills we’d love to see/Amazing Extras:
Experience in generating and writing clear, concise and actionable penetration testing reports
Hands-on familiarity with tools such as Burp Suite, Nessus, Qualys and other industry testing tools.
Experience with scripting or automation tools, such as Python, Bash or PowerShell.
Desirable to have any penetration testing qualifications (CompTIA, CPSA or OSCP) but by no means essential.
Qualifications and Skills
Qualifications are a good way to demonstrate knowledge but are not the be-all and end-all; our team is made up of a large number of individuals with diverse backgrounds who all share the “hacker mindset”.
If you have the experience then we want you to apply. Didn’t do a degree in information security? A-Levels weren’t as good as you hoped? Haven’t attended every SANS course going? We don’t mind!
Above all, KPMG is looking for someone who is passionate about helping our clients (including the UK Government) with their cyber security challenges. In return, we are committed to helping you enjoy the role and develop your skills and career within the KPMG network.