Specialist, Security Tester
Posted 2026-05-06
Remote, USA
Full-time
Immediate Start
KPMG is a leading advisory firm that offers excellent opportunities for career advancement and expertise development. They are seeking a Specialist, Security Tester to perform automated application and network penetration tests, identify vulnerabilities, and contribute to a collaborative team environment.
Responsibilities
- Perform automated application / network penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications
- Execute dynamic application security tests on web applications and static application security tests on source code, including identifying false positives and reprioritizing the severity of findings
- Conduct vulnerability analysis against internal and external networks leveraging automation techniques and solutions
- Elevate to executing independently in either the application or network domain within one year of service
- Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment
Skills
- Minimum one year of recent experience performing application and/or network penetration tests using tools such as AppScan, Netsparker, Acunetix, Burp Suite, OWASP ZAP, Tenable Nessus, Qualys, Kali Linux, Metasploit, or equivalent
- Minimum one year of recent experience working with technical and non-technical audiences in reporting results and leading remediation conversations
- Bachelor's degree from an accredited college or university is required
- Ability to travel as necessary
- Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future
- Experience in one or more of the following is a plus: mobile application testing, manual code analysis, and/or static analysis using Veracode, Fortify, SonarQube, Checkmarx, Contrast or equivalent
- Experience in one of the following is a plus: Python, JavaScript, PHP, C/C++, SQL, and more
- One or more ethical hacking certifications preferred (for example: CEH, GWAPT, GPEN, OSCP, OSWA)
Benefits
- Medical and dental plans
- Vision coverage
- Disability and life insurance
- 401(k) plans
- A robust suite of personal well-being benefits to support your mental health
- Personal Time Off per fiscal year
- Calendar of holidays to be observed during the year
- Two breaks each year where employees will not be required to use Personal Time Off
Company Overview