Manager, Cyber Assessment (Penetration Testing)

About

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Seramount, Fair360 and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Manager, Cyber Assessment (Penetration Testing) to join our Digital Security Group.

Responsibilities

• Conduct detailed network and web application penetration tests
• Perform red teaming exercises to assess the detection capabilities of our security operations
• Engage in AI Red Teaming to improve the robustness and security of AI systems
• Facilitate security assessments and manage the resolution of identified vulnerabilities
• Stay current with the latest security trends and techniques
• Provide guidance and mentoring to junior team members
• Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment

Qualifications

• Minimum five years of recent practical experience in cybersecurity, focusing on network and web application penetration testing, red teaming, AI red teaming, cloud penetration testing, and security assessments
• Bachelor's degree from an accredited college or university is preferred; minimum of a high school diploma or GED is required; relevant certifications such as GPEN, OSCP, OSCE, CISSP, or similar are highly preferred; Certifications in Azure a plus
• Strong familiarity with frameworks such as MITRE ATT&CK and MITRE ATLAS, OWASP, PTES, and NIST
• Solid foundation in network and cloud security concepts, with hands-on experience in cloud penetration testing, and strong understanding of network penetration testing
• Proficiency in scripting and automation with experience in Python, Bash, or PowerShell; experience with adversarial machine learning techniques and familiarity with common ML frameworks and tools (prompt injection, data poisoning, and model evasion)
• Experience with common and emerging security threats, scanning tools, and assessment methodologies and demonstrated experience and understanding of security principles, IT security controls and related technologies and products; strong verbal/written communication, problem solving, analytical and independent judgment skills to support an environment driven by customer service and teamwork
• Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity

Benefits

• Medical insurance
• Dental insurance
• Vision insurance
• Disability insurance
• Life insurance
• 401(k) plans
• Personal Time Off per fiscal year
• Two breaks each year where employees will not be required to use Personal Time Off (year end and around July 4th holiday)