Lead Specialist, MAST Penetration Testing Manager

Lead Specialist, MAST Application Penetration Testing Manager

Join to apply for the Lead Specialist, MAST Application Penetration Testing Manager role at KPMG US.

We are seeking a Lead Specialist, MAST Application Penetration Testing Manager to join our Managed Services practice.

• Provide strategic direction for application penetration testing teams to develop growth of the services solution and manage client engagements; demonstrate exceptional technical capability in application penetration testing from a manual perspective.
• Lead client engagements and provide technical leadership as well as advice to team members on application penetration testing engagements.
• Promote and enable thought leadership, as well as growth and learning amongst team members.
• Engage with non-technical audiences around testing processes and techniques, as well as report read-outs; guide technical audiences on remediation options and assist them in weighing those options.
• Partner with the Cyber teams to develop new testing techniques, automation for testing and marketing collateral to support the practice, mentor onshore and offshore team members on tools and techniques in performing testing; operate as a mentor and people leader to foster career growth amongst team members.
• Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment.

• Minimum five years of recent experience working with application penetration tools to perform security tests such as App Scan, Netsparker, Acunetix, ZAP, Veracode, Burp Suite or equivalent; minimum five years of recent experience working with technical and non-technical audiences in reporting results and leading remediation conversations; minimum five years of recent experience leading application security testing teams in a consulting environment.
• Bachelor's degree from an accredited college/university or equivalent industry experience.
• Possess one or more major ethical hacking certifications not required but preferred;
  Certified Information Systems Security Professional (CISSP), GIAC Web Application Penetration Tester (GWAPT), Council of Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA).
• Experience in one or more areas such as mobile application testing, code development, manual code analysis and/or static analysis using Veracode, Fortify, Sonar Qube, Checkmarx, Contrast or equivalent preferred.
• Ability to travel as required.
• Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa).