Digital Trust Cyber Defense Executive
Hyderabad, Telangana, India
KPMG India
KPMG is a global network of professional firms providing Audit, Tax and Advisory services.About KPMG in India
KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.
KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS)
- Strong understanding of security risks in networks and application platforms
- Strong understanding of network security, infrastructure security and application security
- Strong understanding of OSI, TCP/IP model and network basics
- Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming
- Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms
- Broad knowledge of security technologies for applications, databases, networks, servers, and desktops
- Solid technical skills in both information security architecture and penetration testing and ability to assess testing tools and deploy the right ones.
- Scripting and programming experience is beneficial
- Ability to perform manual penetration testing
- Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing
- Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity posture against malicious actors
- Conduct security research on the latest emerging advanced persistent threats (APTs), malware, and other security developments to assist in enterprise security efforts. Apply this security research into assessments.
- Perform technical writing to communicate the preparation, testing, and recommendation phases for various security tests. Work with stakeholders to remediate system vulnerabilities.
- Train team members and colleagues on the latest cybersecurity tactics, techniques, and procedures (TTPs) to grow the skill of the firm
- Understanding of various security technologies including end point security, perimeter security, advanced threat protection, malware defense and security management
- Expertise in the phases of penetration testing. Familiarity with Kali Linux distribution and the associated penetration testing tools suite. Experience in penetration testing simulations like Hack the Box or Capture the Flag exercises considered a plus.
- Good Understanding of OWASP top 10 and mitigation techniques
Expertise for Red Teaming:
- Managing consulting engagements, with a focus on advanced Red Team operations and penetration tests. Provide both subject matter expertise and project management experience to serve as the “point person” for engagements.
- Assist with scoping prospective for red teaming engagements, participating in engagements from kick-off through completion
- Conduct red team assessments against a diverse cloud environment and find vulnerabilities in software, systems, networks, and logic
- Primarily responsible for Managing the Threats / Vulnerability posture, by performing Offensive Penetration Testing. Managing Surface & Dark Web brand monitoring, Anti-phishing and email spoofing protection platforms.
- Develop tools, methodologies, and infrastructure to accomplish Red Team goals
- Set objectives, and timelines for executing red team assessments and leverage data to create useful metrics
- Work with security teams to communicate findings, recommendations, and knowledge to key stakeholders and play a critical role in building a Red Team that has a wide scope and impact
- Knowledge of security testing frameworks and standards such as OSINT, OSSTMM, OWASP
- Use automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients
- Mastery of commercial and open-source security tools including, but not limited to: Nmap, Nessus, BurpSuite, Cobalt Strike, Metasploit, Wireshark, and Aircrack-ng
- authentication and security protocols, cryptography, or application security.
- Experience in developing custom exploits, scripts or payloads and malwares.
- Work domains
- Cyber security assessments
- Red Teaming
Equal employment opportunity information
KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Aircrack Application security Automation Burp Suite Cloud Cobalt Strike Cryptography Cyber defense ERP Exploits IT infrastructure Kali Linux Malware Metasploit Monitoring Nessus Network security NIST Nmap OSINT OWASP Pentesting Red team SAP Scripting Security assessment TCP/IP TTPs UNIX Vulnerabilities Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Editor jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Engineer jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs