Specialist, Security Tester
KPMG is a leading advisory firm that is currently seeking a Specialist, Security Tester to join their Advisory Services practice. The role involves performing automated application and network penetration tests to identify and exploit vulnerabilities, as well as conducting dynamic and static application security tests.ResponsibilitiesPerform automated application / network penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applicationsExecute dynamic application security tests on web applications and static application security tests on source code, including identifying false positives and reprioritizing findings severityConduct vulnerability analysis against internal and external networks leveraging automation techniques and solutionsElevate to executing independently in either the application or network domain within one year of serviceAct with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environmentSkillsMinimum one year of recent experience performing application and/or network penetration tests using tools such as AppScan, NetsSparker, Acunetix, BurpSuite, OWASP ZAP, Tenable Nessus, Qualys, Kali Linux, Metasploit, or equivalent; minimum one year of recent experience working with technical and non-technical audiences in reporting results and leading remediation conversationsBachelor's degree from an accredited college or university is requiredAbility to travel as necessaryApplicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)Experience in one or more of the following a plus: mobile application testing, manual code analysis, and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or equivalentExperience in one of the following a plus: Python, JavaScript, PHP, C/C++, SQL, and moreOne or more ethical hacking certifications preferred (for example: CEH, GWAPT, GPEN, OSCP, OSWA)BenefitsComprehensive, competitive benefits packageMedical and dental plansVision coverageDisability and life insurance401(k) plansRobust suite of personal well-being benefits to support your mental healthPersonal Time Off per fiscal yearCalendar of holidays to be observed during the yearTwo breaks each year where employees will not be required to use Personal Time OffCompany OverviewKPMG is one of the worldβs leading professional services firms and the fastest growing Big Four accounting firm in the United States. It was founded in 1987, and is headquartered in New York, NY, US, with a workforce of 10001+ employees. Its website is http://www.kpmg.com/US.
Apply Now
Apply Now