KPMG Manager, Application Security in Montvale, New Jersey
Business Title: Manager, Application Security
Requisition Number: 31245 - 54
Function: Business Support Services
Area of Interest:
Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.
KPMG is currently seeking a Manager, Application Security to join our KPMG Technology Organization.
Perform hands-on application security penetration testing. Help design and improve the security testing artifacts and process. Create security testing plans and test cases
Provide guidance to developers on recommended controls and countermeasures
Present test findings and interface with stakeholders
Develop detailed work plans, schedules, resource plans for recurring penetration tests
Liaise with external 3rd party pen testers as required
Establish and report on metrics to gauge pen testing effectiveness, progress and key risk areas identified through audits. Monitor remediation activities. Maintain awareness of the current security threat landscape
Five years of experience performing IT security risk assessments, Information Security and Third Party Vendors
Bachelor's degree from an accredited college or university
Understanding of security principles, IT security controls and OWASP top 10 Mobile and Web application vulnerabilities
Experience in web development and programming languages i.e. Java, XML, Perl and HTML
In -depth knowledge of any proxying tools such as Paros, Burp, WebScarab
Must have GIAC Web Application Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Web Application Defender (GWEB), Certified Information System Security Professional (CISSP) or equivalent certification
KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. All qualified applicants are considered for employment without regard to race, color, creed, religion, age, sex/gender, national origin, ancestry, citizenship status, marital status, sexual orientation, gender identity or expression, disability, physical or mental handicap unrelated to ability, pregnancy, veteran status, unfavorable discharge from military service, genetic information, personal appearance, family responsibility, matriculation or political affiliation, or other legally protected status. KPMG maintains a drug-free workplace. KPMG will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable local, state or federal law (including San Francisco Ordinance number 131192). No phone calls or agencies please.