KPMG's Advisory practice is growing rapidly, and we are eager to meet the rising demands of our clients. In this fast-paced environment, our professionals must be versatile and excel in a collaborative culture. At KPMG, we value our people and provide extensive learning and career development opportunities. Our state-of-the-art training facility and advanced market tools ensure that our team members continue to develop both professionally and personally. If you're looking for a firm where you can truly be yourself, make a meaningful impact, enhance your skills, and discover new areas of inspiration, we invite you to explore a fulfilling career in Advisory.
We are currently looking for a Senior Application Security Testing Specialist to join our Managed Services practice.
Responsibilities:
• Conduct manual application penetration testing on APIs (REST/SOAP), web applications, mobile applications, and thick client applications.
• Undertake objective-based penetration testing engagements.
• Implement threat modeling, analyze application business logic, and perform architecture reviews.
• Showcase real-time application testing experience through presentations to both internal teams and external stakeholders.
• Operate independently during penetration testing engagements with minimal supervision.
• Maintain KPMG's standards of integrity, professionalism, and accountability in all interactions.
Qualifications:
• A minimum of three years of relevant experience in application penetration testing for APIs, web applications, or mobile applications.
• Bachelor's degree from an accredited institution or relevant industry experience.
• Strong communication skills to effectively convey findings to both technical and non-technical audiences, and to lead discussions on remediation.
• Proficiency with Burp Suite Pro and other application testing tools such as Netsparker and Checkmarx.
• Preferred (but not required): certification in major ethical hacking frameworks such as GIAC Web Application Penetration Tester (GWAPT), CREST, Offensive Security Web Expert (OSWE), or Offensive Security Web Assessor (OSWA).
• Willingness to travel as needed.
• Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future.
KPMG offers a robust benefits package, including various medical and dental plans, vision coverage, life insurance, 401(k) plans, and wellness benefits. Personal Time Off is available each fiscal year, along with designated holiday breaks. Detailed benefits information can be found on the KPMG US Careers site.
KPMG is an equal opportunity employer committed to compliance with all recruitment and hiring laws. We encourage candidates to apply promptly, as we consider applicants on a rolling basis until the position is filled.
Job duties for this position are outlined above. Criminal history may impact job qualifications concerning the responsibilities stated. We will consider qualified applicants with arrest and conviction records in compliance with applicable laws.