Cyber Security Senior Consultant (VAPT Security & Assessment)

At KPMG, we offer fascinating, challenging and well-rewarded careers.


  • Performs Vulnerability Assessment and Penetration Testing (VAPT)
  • Serves as Subject Matter Expert for Infrastructure and/or Application Security and provides consultative recommendations in discussions related to Vulnerability Assessment and Penetration Testing
  • Uses manual testing techniques and methods to gain a better understanding of the applications/mobile app environment and reduce false negatives.
  • Documents findings and recommendations, and presents them to stakeholders from technical teams (Development, Infrastructure) and non-technical teams (Operations, Management)
  • Conducts security assessments aligned with industry best practice and standards



  • Graduate of Bachelor of Science in Information Technology, Computer Science, or equivalent courses.
  • Has at least 3 years of experience in security testing (VAPT, Source Code Review, Configuration Review, Architecture Review, Controls Review)
  • Has 2 years of experience in governance, risk and compliance
  • Has strong knowledge of System & Network Infrastructure, API and Mobile Application Development
  • Has an in-depth knowledge of OWASP Top 10 and CVEs, and the ability to effectively communicate methodologies and techniques with development teams and operations
  • Has strong knowledge of information security standards and guidelines such as ISO 27001/2, NIST, CIS, PCI DSS and SWIFT CSP (Secondary)
  • Has hands-on experience with security testing tools such as Nessus, Burp Suite, Qualys and others
  • Has an understanding of Cloud Compute, Storage, Security and Virtualization best practice
  • Has experience working on Unix, Windows & Linux platforms
  • Has at least one of the following certifications:
      • EC Council CEH or Mile2 CPEH (Preferred Primary)
      • CompTIA Security+
      • ISMS Lead Auditor or ISACA CISA
      • Other certifications with ISC2, CompTIA, EC Council, OSCP, CREST or SANS
  • Excellent verbal and written communication, presentation, and interpersonal skills.
  • Willing to handle global engagements and work in a shifting schedule.