Penetration Testing Manager - Cyber Security

London, United Kingdom
07 Mar 2019
16 May 2019
Job Role
Risk Analyst
Job Type
AutoReq ID


Job Title

Penetration Testing Manager - Cyber Security


United Kingdom




Risk Consulting

Service Line

RC Technology

Service Line Information

Using a wide variety of technical and sector-specific skills, KPMG's Risk Consulting group proactively helps clients increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, corporate governance, dispute resolution, deriving value from contracts and much more.

Technology - Our clients need to deal effectively with technology related risks and derive maximum value from data and documentation. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.

KPMG Overview

KPMG is part of a global network of firms that offers Audit, Tax & Pensions, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients' most critical challenges.

With offices across the UK, we work with everyone from small start-ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.

Job Description

KPMG has been acknowledged by Forrester as a leader in the provision of cyber security consultancy. We are investing to building out our cyber consulting team to meet a growing demand and provide a comprehensive range of services to many of the largest financial services companies in the world.

We help out clients protect, detect and respond to high end cyber threats; helping them understand the cyber threat landscape, make sensible decisions on investment priorities, and build out the specialist capabilities they need to counter financial crime and other threats.

We believe that cyber security is about helping our clients to harness business opportunities safely and securely. For us, cyber security isn't just a technical issue, it is one which engages the whole business and focusses on a holistic approach to understanding and mitigating the risk.

Our cyber practice works closely with KPMG's broader advisory practice to link cyber security to financial crime and risk management, operational resilience and IT transformation.

Within the cyber practice our Cyber Defence Services (CDS) team undertakes penetration testing, red teaming and a variety of technical security reviews for some of the largest and most demanding clients in the world. Our clients include major banks, pharma, oil and gas, telecommunication and government organisations.

The Role
You will play a leading role within the Cyber Defence Services (CDS) team, helping drive the development of the business and taking responsibility for the oversight and delivery of some of our most demanding penetration testing and red team engagements. As a manager you will help raise the profile of the team, play a key part in making sure that we develop new CDS service offerings and help coach and mentor team members.

Management and delivery of penetration testing services to clients to include the following:
o Scoping
o Financial management
o Engagement and risk management
o Production and review of deliverables.
- Reporting technical issues in business terms
- Developing constructive client relationships, both inside and outside of KPMG.
- Developing an understanding of KPMG's broader offerings to enable identification of business opportunities
- Actively identifying and progressing business development opportunities, as well as managing sales activities such as proposal writing and assisting with client presentations.
- Role modelling risk and engagement management practices.
- Coaching and developing team members through sharing of experience and knowledge.
- Continuous development of self and team, including managing client feedback.
- Monitoring quality of service and products to clients and carrying out improvement or development as necessary.
- Performance management of junior staff

The Person
- Proven experience of successfully managing and delivering projects on time and to budget.
- Proven experience working within the industry
- Clear and demonstrable understanding of penetration testing, including CESG accredited schemes such as CBEST, STAR, CPA, CHECK and CTAS. OSCP, CCSAS/CCSAM
- Demonstrable understanding and practical application of information security principles
- Proven experience of producing high quality deliverables working alone and as part of a team.
- Excellent communication skills
- Proven experience of secure coding practices
- Reverse engineering experience desirable

Qualifications and Skills
- Degree level qualified, MSc in Information Security, IT or relevant subject (preferred)
- Web-application penetration testing experience preferred
- Programming skills, .NET
- Excellent communication skills (both written and oral) and project management skills
- Clearances required - eligibility for SC or DV is desirable

Our Deal

Flexible Working

While some of our client-facing professionals can be required to travel regularly, and at times be based at client sites, we are supportive where possible of helping you to achieve a balance between your home and work demands.

We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Furthermore, as part of the recruitment process, we can put you in touch with people who work flexibly so you can understand from them what our culture is like.

Applying with a Disability

KPMG are proud to be an inclusive, equal opportunity employer and we seek to attract and retain the best people from the widest possible talent pool. As a member of the Business Disability Forum we're committed to ensuring that you are treated fairly throughout our Recruitment Process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require, with your recruitment contact.

KPMG's commitment to diversity

KPMG consistently features in the Sunday Times Best Big Companies to work for, which has been recognised with a special achievement award to mark our 10 years in the Top 25. We are proud of the value we place on individuality; we want you to bring your full self to work and truly maximise your potential. We believe that your individuality helps us to deliver the best results for our clients. Diversity of background, diversity of experience, diversity of perspective - that's the KPMG difference. But, don't take our word for it, find out more about diversity at KPMG.

Returning to work after a break

At KPMG, we appreciate that returning to work after an extended career break can be daunting. We understand that those with experience who have taken a career break have a wealth of experience and knowledge to offer our organisation, which helps us to achieve our business goals. We will support you to refresh your skills, develop your confidence and provide a supportive network across the firm to help you best integrate into the working environment. This role welcomes applications for individuals who have been out of work for 18 months or more and who have previous relevant experience.

Policy for Agencies

KPMG has a commitment to sourcing candidates directly and as such we do not accept speculative CV's from agencies. Please check here to see our policy on agencies: Policy

Job Segment: Telecom, Telecommunications, Corporate Security, Consulting, Technology, Security

Similar jobs

Similar jobs