Senior Specialist in Application Security Penetration Testing

KPMG's Advisory practice is experiencing remarkable growth, driven by increased client demand. We value adaptability and collaboration in our team-oriented culture. At KPMG, our employees are our top priority, and we offer extensive learning and career development opportunities. Our facilities and market-leading tools enable continuous professional and personal growth. If you're seeking a supportive environment where you can be your authentic self, make a significant impact, enhance your skills, and discover new avenues of inspiration, consider advancing your career with us. KPMG is thrilled to invite applications for the position of Senior Specialist in Application Security Penetration Testing within our Managed Services practice. Responsibilities: • Perform manual application penetration testing on APIs (REST/SOAP), web applications, mobile applications, and thick client applications. • Engage in objective-based penetration testing initiatives. • Conduct threat modeling, assess application business logic, and review application architectures. • Demonstrate application testing expertise in real-time through presentations to both technical and non-technical audiences. • Operate independently during penetration testing projects with minimal oversight. • Maintain integrity, professionalism, and personal accountability to foster a respectful workplace at KPMG. Qualifications: • At least three years of recent experience in application penetration testing of APIs, web applications, or mobile applications. • Bachelor's degree from an accredited institution or equivalent industry experience. • Strong communication skills for reporting results to both technical and non-technical audiences and facilitating remediation discussions. • Proficiency with Burp Suite Pro and other application testing tools such as Netsparker and Checkmarx. • Preferred certifications: GIAC Web Application Penetration Tester (GWAPT), CREST, Offensive Security Web Expert (OSWE), or Offensive Security Web Assessor (OSWA). • Willingness to travel as required. • Authorization to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG offers a comprehensive compensation and benefits package. We are an equal opportunity employer and comply with all applicable laws regarding recruitment and hiring. All qualified applicants will be considered without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by law. KPMG recruits on a rolling basis. Candidates are encouraged to apply promptly for any positions of interest.