Senior AppSec / Red Teaming - KPMG

Key Responsibilities

• Design and conduct comprehensive red‑team exercises against web, mobile, and cloud applications, simulating real‑world adversaries.
• Perform advanced penetration testing, vulnerability assessments, and threat modeling to identify and remediate security gaps.
• Collaborate with development, DevOps, and security teams to integrate secure coding practices and hardening controls.
• Develop and maintain custom exploitation tools, scripts, and frameworks using Python, Bash, and other relevant languages.
• Document findings, produce detailed technical reports, and present actionable recommendations to stakeholders.

Requirements

• 5+ years of experience in application security, red‑team, or advanced penetration testing.
• Proficiency with Kali Linux, Metasploit, Burp Suite, and other industry‑standard tools.
• Strong scripting skills in Python and Bash; familiarity with C/C++ for low‑level exploitation.
• Deep understanding of OWASP Top 10, secure coding principles, and threat modeling frameworks.
• Excellent communication skills and ability to translate technical findings into business‑friendly insights.