Apply on Employer Site

KPMG US · 13 hours ago

Lead Specialist, MAST Application Penetration Testing Manager

Chicago, IL

Full-time

Hybrid

Mid, Senior Level

$108K/yr - $231K/yr

5+ years exp

KPMG is a leading advisory firm experiencing significant growth and client demand. They are seeking a Lead Specialist, MAST Application Penetration Testing Manager to provide strategic direction for application penetration testing teams, lead client engagements, and foster career growth among team members.

Financial Services

No H1B

Responsibilities

Provide strategic direction for application penetration testing teams to develop growth of the services solution and manage client engagements; demonstrate exceptional technical capability in application penetration testing from a manual perspective

Lead client engagements and provide technical leadership as well as advice to team members on application penetration testing engagements

Promote and enable thought leadership, as well as growth and learning amongst team members

Engage with non-technical audiences around testing processes and techniques, as well as report read-outs; guide technical audiences on remediation options and assist them in weighing those options

Partner with the Cyber teams to develop new testing techniques, automation for testing and marketing collateral to support the practice, mentor onshore and offshore team members on tools and techniques in performing testing; operate as a mentor and people leader to foster career growth amongst team members

Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment

Qualification

Application penetration testingEthical hacking certificationsApplication penetration toolsMobile application testingStatic analysis toolsClient engagementTechnical leadershipTeam mentoring

Required

Minimum five years of recent experience working with using application penetration tools to perform security tests such as AppScan, Netsparker, Acunetix, ZAP, Veracode, BurpSuite or equivalent

Minimum five years of recent experience working with technical and non-technical audiences in reporting results and leading remediation conversations

Minimum five years of recent experience leading application security testing teams in a consulting environment

Bachelor's degree from an accredited college/university or equivalent industry experience

Ability to travel as required

Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future

Preferred

Possess one or more major ethical hacking certifications not required but preferred; Certified Information Systems Security Professional (CISSP), GIAC Web Application Penetration Tester (GWAPT), Council of Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA)

Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or equivalent preferred