Senior Specialist, MAST Application Penetration Tester
Job Description
KPMG seeks a Senior Specialist for MAST Application Penetration Testing to perform manual assessments across APIs, Web and Mobile apps, and thick clients within the Managed Services practice.
Responsibilities
- Perform manual penetration testing of API endpoints (REST and SOAP), web applications, mobile apps, and thick-client software.
- Deliver objective results within defined penetration testing engagements.
- Conduct threat modeling, assess business logic, and review application architecture.
- Demonstrate testing expertise through live demonstrations to internal and external audiences.
- Work autonomously on engagements with minimal supervision and guidance.
- Uphold integrity, professionalism, and personal responsibility to maintain a respectful work environment.
Requirements
- At least three years of hands-on experience in application penetration testing of APIs, web applications, or mobile applications.
- Bachelor's degree from an accredited college or university, or equivalent industry experience.
- Ability to communicate reporting results to both technical and non-technical audiences and lead remediation conversations.
- Experience with Burp Suite Pro and other testing tools such as Netsparker and Checkmarx.
- Preferred certifications (not required): GWAPT, CREST, OSWE, OSWA.
- Willingness to travel as needed.
- Authorized to work in the United States without visa sponsorship now or in the future; no sponsorship is available.
Technologies
- Burp Suite Pro
- Netsparker
- Checkmarx
Benefits
- Medical and dental plans
- Vision coverage
- Disability insurance
- Life insurance
- 401(k) plans
- Personal well-being benefits to support mental health
- Personal Time Off
- Paid holidays
- Year-end break
- July 4th break
Location: Chicago, IL (onsite)
Salary: USD 95,855 - 208,265 per year