Manager - Penetration Test, Cyber Security Advisory
KPMG 毕马威ChinaUpdate time: August 8,2019
Job Description
We are seeking Cybersecurity Attack & Penetration Tester / Ethical Hacker specialist to join our IT Advisory practice.
This role focuses on various technical security testing areas such as vulnerability assessment, application and network penetration testing, wireless security, mobile security, website & app security, and system security testing. This role also simulate real - time cyber - attacks using red - team / blue team techniques.
Cyber team members regularly interact with C - Suite clients, such as Chief Executive Officer (CEO), Chief Information Security Officer (CISO), Chief Information Officer (CIO), Chief Operating Officer (COO), Chief Risk Officer (CRO) and their direct reports. Hence, a client centric mind - set, understanding of IT within a Business context, and well- developed communication skills are desirable.
Responsibilities
Qualifications and Skills
- Professionally qualified preferred (e.g. OSCP and/or CREST - CRT, CCT, CSAS and/or GIAC - GXPN, GPEN, GWAPT, etc. or other relevant qualifications)
- Be able to lead and oversee as well as work as part of a team, and at the same time being an independent self - starter
- Have strong analytical, problem solving and inter - personal skills
- Commands excellent written and oral communication skills with the ability to present ideas and results to technical and non- technical audiences
Skills
Level of education
We offer successful candidates an attractive remuneration package and the opportunity to work in a dynamic and exciting environment.
Personal data collected will be used for recruitment purposes only.
© 2019 KPMG, a Hong Kong partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. All rights reserved. *LI
This role focuses on various technical security testing areas such as vulnerability assessment, application and network penetration testing, wireless security, mobile security, website & app security, and system security testing. This role also simulate real - time cyber - attacks using red - team / blue team techniques.
Cyber team members regularly interact with C - Suite clients, such as Chief Executive Officer (CEO), Chief Information Security Officer (CISO), Chief Information Officer (CIO), Chief Operating Officer (COO), Chief Risk Officer (CRO) and their direct reports. Hence, a client centric mind - set, understanding of IT within a Business context, and well- developed communication skills are desirable.
Responsibilities
- Manage and lead the penetration testing team providing necessary coaching and mentoring to deliver various complex security testing
- Conduct source code review to identify software program vulnerabilities and detect malware or malicious embedded code
- Conduct social engineering and email phishing attacks to simulate the theft of passwords, infiltrate systems, and download malware/ransomware
- Conduct server/network/middleware security configuration assessments
- Prepare reports on identified security vulnerabilities and possible recommendations to remediate the vulnerabilities
- Enhance existing penetration testing methodologies
- Develop marketing and training materials to help develop staff awareness within the company and communicate KPMG’s capabilities to clients
- Liaise with clients and manage stakeholders in an engagement lifecycle including designing, scoping, delivering and reporting
- Build and maintain relationships with existing and prospective clients, and develop / improve your network of business contacts
Qualifications and Skills
- Professionally qualified preferred (e.g. OSCP and/or CREST - CRT, CCT, CSAS and/or GIAC - GXPN, GPEN, GWAPT, etc. or other relevant qualifications)
- Able to work on various platforms and operating systems (e.g. Windows, Linux, Kali) is preferred
- Experience with at least one scripting language (e.g. bash, powershell, python) is preferred
- Familiar and experience with networking concepts (e.g. routing, ALC, load balancers, SSL/TLS, TCP) is preferred
- Extensive experience with the OWASP testing methodology (e.g. mobile, web applications) along with penetration testing tools that support it
- Be able to lead and oversee as well as work as part of a team, and at the same time being an independent self - starter
- Have strong analytical, problem solving and inter - personal skills
- Commands excellent written and oral communication skills with the ability to present ideas and results to technical and non- technical audiences
- Possess a recognised Degree in Computer Science, Information Technology, Engineering (Computer/Electronics), or a related discipline is preferred
- Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
- Strong interpersonal skills with a demonstrated ability to gain the confidence and respect of senior level executives
- Strong client services orientation and accustomed to taking an active role in executing client engagements
- Strong analytical skills and the ability to develop thought leadership publications
Skills
- Penetration Testing
- VAPT
- OSCP
- iCAST
- Red team
- Malware Analysis
- Application Security
- Cybersecurity
- CREST CRT CCT CSAS
- Cyber
Level of education
- Bachelor's Degree
We offer successful candidates an attractive remuneration package and the opportunity to work in a dynamic and exciting environment.
Personal data collected will be used for recruitment purposes only.
© 2019 KPMG, a Hong Kong partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. All rights reserved. *LI
Get email alerts for the latest"Manager - Penetration Test, Cyber Security Advisory jobs in China"