Cyber Security Senior Consultant (VAPT Security & Assessment)
At KPMG, we offer fascinating, challenging and well-rewarded careers.
ADVISORY (IT - ADVISORY) - CYBER SECURITY SENIOR CONSULTANT (VAPT SECURITY & ASSESSMENT)
Responsibilities:
- Performs Vulnerability Assessment and Penetration Testing (VAPT)
- Subject Matter Expert for Infrastructure and/or Application Security and provides consultative recommendations in discussions related to Vulnerability Assessment and Penetration Testing
- Uses manual testing techniques and methods to gain a better understanding of the applications/mobile app environment and reduce false negatives.
- Documents findings and recommendations, and presents them to stakeholders from the technical team (Development, Infrastructure) and the non-technical team (Operations, Management)
- Conducts security assessments aligned with industry best practice and standards
Qualifications:
- Graduate of Bachelor of Science in Information Technology, Computer Science, or equivalent courses.
- Has at least 3 years of experience in security testing (VAPT, Source Code Review, Configuration Review, Architecture Review, Controls Review)
- Has 2 years of experience in governance, risk and compliance
- Has strong knowledge of System & Network Infrastructure, API and Mobile Application Development
- Has an in-depth knowledge of OWASP Top 10 and CVEs, and the ability to effectively communicate methodologies and techniques with development teams and operations
- Has strong knowledge of information security standards and guidelines such as ISO 27001/2, NIST, CIS, PCI DSS and SWIFT CSP (Secondary)
- Has hands-on experience with security testing tools such as Nessus, Burp Suite, Qualys and others
- Has an understanding of Cloud Compute, Storage, Security and Virtualization best practice
- Has experience working on Unix, Windows & Linux platforms
- Has at least one of the following certifications:
  - EC Council CEH or Mile2 CPEH (Preferred Primary)
  - CompTIA Security+
  - ISMS Lead Auditor or ISACA CISA
  - Other certifications with ISC2, CompTIA, EC Council, OSCP, CREST or SANS
- Excellent verbal and written communication, presentation, and interpersonal skills.
- Willing to handle global engagements and work in a shifting schedule.