Senior Specialist, MAST Application Penetration Tester
Job Description
KPMG offers an onsite opportunity in Los Angeles, California for a Senior Specialist, MAST Application Penetration Tester. This role features a salary range of USD 95,855 to 208,265 per year and a comprehensive benefits package focused on health, retirement savings, and personal well being. The environment prioritizes professionalism, integrity, and a respectful, courteous culture.
Benefits
- Medical and dental plans
- Vision coverage
- Disability and life insurance
- 401(k) plans
- Personal well being benefits
- Personal Time Off per fiscal year
- Holidays observed
- Two breaks each year where employees will not be required to use Personal Time Off
Role overview
Based in Los Angeles and operating onsite within the Managed Services practice, this role focuses on manual penetration testing of APIs (REST and SOAP), web applications, mobile apps, and thick client applications. The individual leads remediation discussions and demonstrates testing capabilities to both internal teams and external audiences.
Responsibilities
- Conduct manual application penetration testing against APIs (REST/SOAP), Web Applications, Mobile applications, and thick client applications
- Execute engagements defined by abstract penetration testing objectives
- Perform threat modeling, evaluate application business logic, and conduct architecture reviews
- Present real time demos of testing work to internal and external audiences
- Work independently on penetration testing engagements with minimal oversight and guidance
- Uphold integrity, professionalism, and personal accountability to support KPMG's respectful and courteous work environment
Requirements
- Minimum three years of recent experience in application penetration testing of APIs, web applications, or mobile applications
- Bachelor's degree from an accredited college/university or equivalent industry experience
- Ability to communicate reporting results to technical and non technical audiences and lead remediation conversations
- Experience with Burp Suite Pro and other app testing tools such as Netsparker and Checkmarx
- One or more major ethical hacking certifications preferred; GWAPT, CREST, OSWE, OSWA
- Ability to travel as required
- Authorized to work in the United States without sponsorship now or in the future; no visa sponsorship is available for this opportunity
Technologies
- Burp Suite Pro
- Netsparker
- Checkmarx
Similar Jobs
J