Senior Quality Assurance Analyst/Lead jobs at Pwc

Industry/Sector Not Applicable Specialism Managed Services Management Level Senior Associate At PwC, our people in software and product innovation focus on developing cutting-edge software solutions and driving product innovation to meet the evolving needs of clients. These individuals combine technical experience with creative thinking to deliver innovative software products and solutions. In testing and quality assurance at PwC, you will focus on the process of evaluating a system or software application to identify any defects, errors, or gaps in its functionality. Working in this area, you will execute various test cases and scenarios to validate that the system meets the specified requirements and performs as expected. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn't clear, you ask questions, and you use these moments as opportunities to grow. Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: * Respond effectively to the diverse perspectives, needs, and feelings of others. * Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. * Use critical thinking to break down complex concepts. * Understand the broader objectives of your project or role and how your work fits into the overall strategy. * Develop a deeper understanding of the business context and how it is changing. * Use reflection to develop self awareness, enhance strengths and address development areas. * Interpret data to inform insights and recommendations. * Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. The Opportunity As part of the Software and Product Innovation - Testing and Quality Assurance team you are responsible for the creation and implementation of impactful testing methodologies and quality assurance processes. As a Senior Associate you analyze complex problems, mentor others, and maintain rigorous standards. You focus on building client relationships, managing test delivery engagements, and developing a deeper understanding of the business context. Responsibilities * Lead the development and execution of reliable testing methodologies * Oversee the implementation of quality assurance processes * Analyze intricate issues to provide solutions * Mentor and guide junior team members * Maintain excellence in deliverables * Build and nurture client relationships * Manage test delivery engagements effectively * Develop a thorough understanding of the business context What You Must Have * High School Diploma * 3 years of experience What Sets You Apart * Bachelor's Degree in Computer Engineering preferred * Project Management Professional (PMP), or Agile Certification preferred * Evaluating and appraising the lifecycle of a defined Testing Methodology * Managing Test Delivery engagements * Utilizing leading practice application and integration testing * Providing testing recommendations and organizational designs * Managing technical teams and engagements * Assessing end-to-end integrated systems * Conducting quantitative and qualitative analyses of large and complex data Travel Requirements Up to 60% Job Posting End Date Learn more about how we work: ************************** PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: *********************************** As PwC is an equal opportunity employer, all qualified applicants will receive consideration for employment at PwC without regard to race; color; religion; national origin; sex (including pregnancy, sexual orientation, and gender identity); age; disability; genetic information (including family medical history); veteran, marital, or citizenship status; or, any other status protected by law. For only those qualified applicants that are impacted by the Los Angeles County Fair Chance Ordinance for Employers, the Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, San Diego County Fair Chance Ordinance, and the California Fair Chance Act, where applicable, arrest or conviction records will be considered for Employment in accordance with these laws. At PwC, we recognize that conviction records may have a direct, adverse, and negative relationship to responsibilities such as accessing sensitive company or customer information, handling proprietary assets, or collaborating closely with team members. We evaluate these factors thoughtfully to establish a secure and trusted workplace for all. Applications will be accepted until the position is filled or the posting is removed, unless otherwise set forth on the following webpage. Please visit this link for information about anticipated application deadlines: *************************************** The salary range for this position is: $77,000 - $202,000. Actual compensation within the range will be dependent upon the individual's skills, experience, qualifications and location, and applicable employment laws. All hired individuals are eligible for an annual discretionary bonus. PwC offers a wide range of benefits, including medical, dental, vision, 401k, holiday pay, vacation, personal and family sick leave, and more. To view our benefits at a glance, please visit the following link: ***********************************

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **Title: Cybersecurity - Attack and Penetration Tester** **Practice Description** Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. **The Opportunity** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. **Your Key Responsibilities** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of cybersecurity topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences and publishing white papers. As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities. Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. **Skills and Attributes to success:** + Perform penetration testing which includes, web application, API, and Thick client penetration testing + Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements + Provide technical leadership and advise junior team members on attack and penetration test engagements + Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations + Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations + Execute penetration testing projects using the established methodology, tools and rules of engagements + Convey complex technical security concepts to technical and non-technical audiences including executives **To Qualify for the Role, You Must Have** + A bachelor's degree and at least 5+ years of related work experience + Experience with manual attack and penetration testing + Experience with scripting / programming skills (eg, Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc) + Updated and familiarized with the latest exploits and security trends + Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT **Ideally, you'll also have** + A bachelor's degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience or a master's degree and at least 2+ years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and red team assessments + Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, open-source project involvement, blog posts, publications, and similar activities + An understanding of web-based application vulnerabilities (OWASP Top 10) + Strong analytical and problem-solving abilities + Excellent communication skills, both written and verbal + Ability to work collaboratively in a team environment **What We Look For** We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $72,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **Title: Cybersecurity - Attack and Penetration Tester** **Practice Description** Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. **The Opportunity** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. **Your Key Responsibilities** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of cybersecurity topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences and publishing white papers. As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities. Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. **Skills and Attributes to success:** + Perform penetration testing which includes, web application, API, and Thick client penetration testing + Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements + Provide technical leadership and advise junior team members on attack and penetration test engagements + Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations + Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations + Execute penetration testing projects using the established methodology, tools and rules of engagements + Convey complex technical security concepts to technical and non-technical audiences including executives **To Qualify for the Role, You Must Have** + A bachelor's degree and at least 5+ years of related work experience + Experience with manual attack and penetration testing + Experience with scripting / programming skills (eg, Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc) + Updated and familiarized with the latest exploits and security trends + Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT **Ideally, you'll also have** + A bachelor's degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience or a master's degree and at least 2+ years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and red team assessments + Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, open-source project involvement, blog posts, publications, and similar activities + An understanding of web-based application vulnerabilities (OWASP Top 10) + Strong analytical and problem-solving abilities + Excellent communication skills, both written and verbal + Ability to work collaboratively in a team environment **What We Look For** We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $72,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **Title: Cybersecurity - Attack and Penetration Tester** **Practice Description** Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. **The Opportunity** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. **Your Key Responsibilities** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of cybersecurity topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences and publishing white papers. As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities. Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. **Skills and Attributes to success:** + Perform penetration testing which includes, web application, API, and Thick client penetration testing + Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements + Provide technical leadership and advise junior team members on attack and penetration test engagements + Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations + Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations + Execute penetration testing projects using the established methodology, tools and rules of engagements + Convey complex technical security concepts to technical and non-technical audiences including executives **To Qualify for the Role, You Must Have** + A bachelor's degree and at least 5+ years of related work experience + Experience with manual attack and penetration testing + Experience with scripting / programming skills (eg, Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc) + Updated and familiarized with the latest exploits and security trends + Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT **Ideally, you'll also have** + A bachelor's degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience or a master's degree and at least 2+ years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and red team assessments + Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, open-source project involvement, blog posts, publications, and similar activities + An understanding of web-based application vulnerabilities (OWASP Top 10) + Strong analytical and problem-solving abilities + Excellent communication skills, both written and verbal + Ability to work collaboratively in a team environment **What We Look For** We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $72,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **Title: Cybersecurity - Attack and Penetration Tester** **Practice Description** Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. **The Opportunity** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. **Your Key Responsibilities** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of cybersecurity topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences and publishing white papers. As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities. Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. **Skills and Attributes to success:** + Perform penetration testing which includes, web application, API, and Thick client penetration testing + Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements + Provide technical leadership and advise junior team members on attack and penetration test engagements + Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations + Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations + Execute penetration testing projects using the established methodology, tools and rules of engagements + Convey complex technical security concepts to technical and non-technical audiences including executives **To Qualify for the Role, You Must Have** + A bachelor's degree and at least 5+ years of related work experience + Experience with manual attack and penetration testing + Experience with scripting / programming skills (eg, Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc) + Updated and familiarized with the latest exploits and security trends + Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT **Ideally, you'll also have** + A bachelor's degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience or a master's degree and at least 2+ years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and red team assessments + Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, open-source project involvement, blog posts, publications, and similar activities + An understanding of web-based application vulnerabilities (OWASP Top 10) + Strong analytical and problem-solving abilities + Excellent communication skills, both written and verbal + Ability to work collaboratively in a team environment **What We Look For** We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $72,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **Title: Cybersecurity - Attack and Penetration Tester** **Practice Description** Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. **The Opportunity** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. **Your Key Responsibilities** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of cybersecurity topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences and publishing white papers. As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities. Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. **Skills and Attributes to success:** + Perform penetration testing which includes, web application, API, and Thick client penetration testing + Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements + Provide technical leadership and advise junior team members on attack and penetration test engagements + Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations + Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations + Execute penetration testing projects using the established methodology, tools and rules of engagements + Convey complex technical security concepts to technical and non-technical audiences including executives **To Qualify for the Role, You Must Have** + A bachelor's degree and at least 5+ years of related work experience + Experience with manual attack and penetration testing + Experience with scripting / programming skills (eg, Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc) + Updated and familiarized with the latest exploits and security trends + Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT **Ideally, you'll also have** + A bachelor's degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience or a master's degree and at least 2+ years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and red team assessments + Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, open-source project involvement, blog posts, publications, and similar activities + An understanding of web-based application vulnerabilities (OWASP Top 10) + Strong analytical and problem-solving abilities + Excellent communication skills, both written and verbal + Ability to work collaboratively in a team environment **What We Look For** We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $72,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, AI Penetration Tester to join our Managed Services practice. Responsibilities: * Execute AI-focused penetration testing engagements, including manual testing of systems incorporating AI/ML, objective-based testing of AI-driven features, and coverage of both traditional and AI-centric attack surfaces * Perform threat modeling for AI-powered software systems, evaluate AI-related business logic, and conduct architecture reviews with emphasis on adversarial ML vectors, prompt-based vulnerabilities, and other AI-specific security risks * Develop and improve AI-driven tools and methodologies for offensive security tasks such as discovery, exploitation, fuzzing, and adversarial ML testing, focusing on web apps, APIs, and mobile clients * Demonstrate AI penetration testing findings to technical and non-technical audiences, including live demos, and collaborate with engineering, development, and security teams to lead remediation discussions and advise on secure AI model development and deployment best practices * Research emerging AI attack techniques, evaluate their potential impact, identify vulnerabilities, and provide actionable recommendations to strengthen AI defenses * Collaborate with internal Red Teams, SOC analysts, and AI security researchers to refine AI red teaming approaches by integrating new adversarial ML techniques and proven exploitation tactics * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent penetration testing experience focused on APIs, web applications, and mobile applications; experience with AI model testing or AI security highly desirable * Bachelor's degree from an accredited college or university is required * Proven background in AI red teaming and adversarial attack development, including prompt engineering attacks, LLM-based vulnerability analysis, and model evasion techniques * Proficiency with penetration testing tools (for example: Burp Suite Pro, Netsparker, Checkmarx) and AI security frameworks (for example: TensorFlow, PyTorch, LLM APIs, LangChain) * Strong communication and presentation skills to explain AI-related vulnerabilities to technical and non-technical stakeholders and drive remediation * One or more major ethical hacking certifications (for example: GWAPT, CREST, OSWE, OSWA) and certifications or training in AI security techniques * Ability to travel as necessary * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, MAST Application Penetration Tester to join our Managed Services practice. Responsibilities: * Conduct manual application penetration testing against API's (REST/SOAP), Web Applications, Mobile applications, and thick client applications * Perform objective based on abstract penetration testing engagements * Execute threat modeling, evaluate application business logic, and perform application architecture reviews * Demonstrate application testing experience in real time via demos to both internal and external audiences * Function independently in penetration testing engagements, with minimal oversight and guidance * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent experience in application penetration testing of Application Programming Interface (API's), web applications, or mobile applications * Bachelor's degree from an accredited college/university or equivalent industry experience * Ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations * Experience with burp suite pro, and other app testing tools such as Netsparker and Checkmarx * One or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to travel as required * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, the firm is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year the firm publishes a calendar of holidays to be observed during the year and provides two firmwide breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site). KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, Web Application Penetration Tester to join our Managed Services practice. Responsibilities: * Conduct manual application penetration testing against API's (REST/SOAP), Web Applications, Mobile applications, and thick client applications * Perform objective based on abstract penetration testing engagements * Execute threat modeling, evaluate application business logic, and perform application architecture reviews * Demonstrate application testing experience in real time via demos to both internal and external audiences * Function independently in penetration testing engagements, with minimal oversight and guidance * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent experience in application penetration testing of Application Programming Interface (API's), web applications, or mobile applications * Bachelor's degree from an accredited college/university or equivalent industry experience * Ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations * Experience with burp suite pro, and other app testing tools such as Netsparker and Checkmarx * One or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to travel as required * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **Title: Cybersecurity - Attack and Penetration Tester** **Practice Description** Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international team of cybersecurity specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. **The Opportunity** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. **Your Key Responsibilities** Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of cybersecurity topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences and publishing white papers. As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities. Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. **Skills and Attributes to success:** + Perform penetration testing which includes, web application, API, and Thick client penetration testing + Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements + Provide technical leadership and advise junior team members on attack and penetration test engagements + Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations + Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations + Execute penetration testing projects using the established methodology, tools and rules of engagements + Convey complex technical security concepts to technical and non-technical audiences including executives **To Qualify for the Role, You Must Have** + A bachelor's degree and at least 5+ years of related work experience + Experience with manual attack and penetration testing + Experience with scripting / programming skills (eg, Bash, Python, PowerShell, Java, Perl, Rust, Golang, J2EE, .NET, JavaScript, etc) + Updated and familiarized with the latest exploits and security trends + Any two of the following certifications: OSCP, OSWP, OSEP, OSCE, OSEE, GPEN, GWAPT, GMOB, GCPN, GXPN, GRTP, GDAT, CRTO, CRTP, CRTE, CREST CRT, CCSAS, CWEE, Burp Suite Certified Practitioner, CBBH, eWPTX, OSWA, eWPT, eMAPT **Ideally, you'll also have** + A bachelor's degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field with at least 3+ years of related work experience or a master's degree and at least 2+ years of related work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and red team assessments + Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, open-source project involvement, blog posts, publications, and similar activities + An understanding of web-based application vulnerabilities (OWASP Top 10) + Strong analytical and problem-solving abilities + Excellent communication skills, both written and verbal + Ability to work collaboratively in a team environment **What We Look For** We're interested in intellectually curious people with a genuine passion for cyber security. With your specialization in attack and penetration testing, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $72,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

The KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Manager, Workday HCM - Testing Lead for our Consulting practice. Responsibilities : * Lead Workday HCM projects involving strategy, implementation support, and Enterprise Resource Planning (ERP) optimization related to Information Technology (IT) operations, business processes, security, and data integrity for the Workday applications * Support business development activities such as identification, proposal development, and other pursuit activities; work with the appropriate KPMG resources from other service lines/industries * Lead the day-to-day activities of ERP Advisory engagements for various clients, including process design, package implementation lifecycle support, and project reviews * Supervise and performance manage staff working on assigned engagements * Manage engagements according to KPMGs financial/cost management policies Qualifications : * A minimum of five years of enterprise resource planning (ERP), HCM implementation, testing and upgrade experience * Bachelor's degree in an appropriate field from an accredited college/university * Completion of one full implementation with Workday HCM and Workday certification in HCM or Integration (Please note that any candidate hired by KPMG into this position that doesnt currently hold the aforementioned certification will be required to secure one within three months from the commencement of employment) * Strong verbal and analytical skills with the ability to write at a publication quality level * Detailed understanding of ERP System concepts and general module functionality * Travel as required * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $129300 - $223900 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, MAST Application Penetration Tester to join our Managed Services practice. Responsibilities: * Conduct manual application penetration testing against API's (REST/SOAP), Web Applications, Mobile applications, and thick client applications * Perform objective based on abstract penetration testing engagements * Execute threat modeling, evaluate application business logic, and perform application architecture reviews * Demonstrate application testing experience in real time via demos to both internal and external audiences * Function independently in penetration testing engagements, with minimal oversight and guidance * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent experience in application penetration testing of Application Programming Interface (API's), web applications, or mobile applications * Bachelor's degree from an accredited college/university or equivalent industry experience * Ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations * Experience with burp suite pro, and other app testing tools such as Netsparker and Checkmarx * One or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to travel as required * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, the firm is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year the firm publishes a calendar of holidays to be observed during the year and provides two firmwide breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site). KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, Web Application Penetration Tester to join our Managed Services practice. Responsibilities: * Conduct manual application penetration testing against API's (REST/SOAP), Web Applications, Mobile applications, and thick client applications * Perform objective based on abstract penetration testing engagements * Execute threat modeling, evaluate application business logic, and perform application architecture reviews * Demonstrate application testing experience in real time via demos to both internal and external audiences * Function independently in penetration testing engagements, with minimal oversight and guidance * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent experience in application penetration testing of Application Programming Interface (API's), web applications, or mobile applications * Bachelor's degree from an accredited college/university or equivalent industry experience * Ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations * Experience with burp suite pro, and other app testing tools such as Netsparker and Checkmarx * One or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to travel as required * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, AI Penetration Tester to join our Managed Services practice. Responsibilities: * Execute AI-focused penetration testing engagements, including manual testing of systems incorporating AI/ML, objective-based testing of AI-driven features, and coverage of both traditional and AI-centric attack surfaces * Perform threat modeling for AI-powered software systems, evaluate AI-related business logic, and conduct architecture reviews with emphasis on adversarial ML vectors, prompt-based vulnerabilities, and other AI-specific security risks * Develop and improve AI-driven tools and methodologies for offensive security tasks such as discovery, exploitation, fuzzing, and adversarial ML testing, focusing on web apps, APIs, and mobile clients * Demonstrate AI penetration testing findings to technical and non-technical audiences, including live demos, and collaborate with engineering, development, and security teams to lead remediation discussions and advise on secure AI model development and deployment best practices * Research emerging AI attack techniques, evaluate their potential impact, identify vulnerabilities, and provide actionable recommendations to strengthen AI defenses * Collaborate with internal Red Teams, SOC analysts, and AI security researchers to refine AI red teaming approaches by integrating new adversarial ML techniques and proven exploitation tactics * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent penetration testing experience focused on APIs, web applications, and mobile applications; experience with AI model testing or AI security highly desirable * Bachelor's degree from an accredited college or university is required * Proven background in AI red teaming and adversarial attack development, including prompt engineering attacks, LLM-based vulnerability analysis, and model evasion techniques * Proficiency with penetration testing tools (for example: Burp Suite Pro, Netsparker, Checkmarx) and AI security frameworks (for example: TensorFlow, PyTorch, LLM APIs, LangChain) * Strong communication and presentation skills to explain AI-related vulnerabilities to technical and non-technical stakeholders and drive remediation * One or more major ethical hacking certifications (for example: GWAPT, CREST, OSWE, OSWA) and certifications or training in AI security techniques * Ability to travel as necessary * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, Web Application Penetration Tester to join our Managed Services practice. Responsibilities: * Conduct manual application penetration testing against API's (REST/SOAP), Web Applications, Mobile applications, and thick client applications * Perform objective based on abstract penetration testing engagements * Execute threat modeling, evaluate application business logic, and perform application architecture reviews * Demonstrate application testing experience in real time via demos to both internal and external audiences * Function independently in penetration testing engagements, with minimal oversight and guidance * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent experience in application penetration testing of Application Programming Interface (API's), web applications, or mobile applications * Bachelor's degree from an accredited college/university or equivalent industry experience * Ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations * Experience with burp suite pro, and other app testing tools such as Netsparker and Checkmarx * One or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to travel as required * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, MAST Application Penetration Tester to join our Managed Services practice. Responsibilities: * Conduct manual application penetration testing against API's (REST/SOAP), Web Applications, Mobile applications, and thick client applications * Perform objective based on abstract penetration testing engagements * Execute threat modeling, evaluate application business logic, and perform application architecture reviews * Demonstrate application testing experience in real time via demos to both internal and external audiences * Function independently in penetration testing engagements, with minimal oversight and guidance * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent experience in application penetration testing of Application Programming Interface (API's), web applications, or mobile applications * Bachelor's degree from an accredited college/university or equivalent industry experience * Ability to communicate reporting results with technical and non-technical audiences and lead remediation conversations * Experience with burp suite pro, and other app testing tools such as Netsparker and Checkmarx * One or more major ethical hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) * Ability to travel as required * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, the firm is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year the firm publishes a calendar of holidays to be observed during the year and provides two firmwide breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site). KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, AI Penetration Tester to join our Managed Services practice. Responsibilities: * Execute AI-focused penetration testing engagements, including manual testing of systems incorporating AI/ML, objective-based testing of AI-driven features, and coverage of both traditional and AI-centric attack surfaces * Perform threat modeling for AI-powered software systems, evaluate AI-related business logic, and conduct architecture reviews with emphasis on adversarial ML vectors, prompt-based vulnerabilities, and other AI-specific security risks * Develop and improve AI-driven tools and methodologies for offensive security tasks such as discovery, exploitation, fuzzing, and adversarial ML testing, focusing on web apps, APIs, and mobile clients * Demonstrate AI penetration testing findings to technical and non-technical audiences, including live demos, and collaborate with engineering, development, and security teams to lead remediation discussions and advise on secure AI model development and deployment best practices * Research emerging AI attack techniques, evaluate their potential impact, identify vulnerabilities, and provide actionable recommendations to strengthen AI defenses * Collaborate with internal Red Teams, SOC analysts, and AI security researchers to refine AI red teaming approaches by integrating new adversarial ML techniques and proven exploitation tactics * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum three years of recent penetration testing experience focused on APIs, web applications, and mobile applications; experience with AI model testing or AI security highly desirable * Bachelor's degree from an accredited college or university is required * Proven background in AI red teaming and adversarial attack development, including prompt engineering attacks, LLM-based vulnerability analysis, and model evasion techniques * Proficiency with penetration testing tools (for example: Burp Suite Pro, Netsparker, Checkmarx) and AI security frameworks (for example: TensorFlow, PyTorch, LLM APIs, LangChain) * Strong communication and presentation skills to explain AI-related vulnerabilities to technical and non-technical stakeholders and drive remediation * One or more major ethical hacking certifications (for example: GWAPT, CREST, OSWE, OSWA) and certifications or training in AI security techniques * Ability to travel as necessary * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $84500 - $179300 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Driving lasting impact and building long-term capabilities with our clients is not easy work. You are the kind of person who thrives in a high performance/high reward culture - doing hard things, picking yourself up when you stumble, and having the resilience to try another way forward. In return for your drive, determination, and curiosity, we'll provide the resources, mentorship, and opportunities you need to become a stronger leader faster than you ever thought possible. Your colleagues-at all levels-will invest deeply in your development, just as much as they invest in delivering exceptional results for clients. Every day, you'll receive apprenticeship, coaching, and exposure that will accelerate your growth in ways you won't find anywhere else. When you join us, you will have: * Continuous learning: Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey. * A voice that matters: From day one, we value your ideas and contributions. You'll make a tangible impact by offering innovative ideas and practical solutions, all while upholding our unwavering commitment to ethics and integrity. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes. * Global community: With colleagues across 65+ countries and over 100 different nationalities, our firm's diversity fuels creativity and helps us come up with the best solutions for our clients. Plus, you'll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences. * World-class benefits: On top of a competitive salary (based on your location, experience, and skills), we provide a comprehensive benefits package to enable holistic well-being for you and your family. As a business analyst, you will join a client service team and take ownership of a workstream to solve some of the toughest challenges our clients face. And these aren't just any clients-they're some of the most influential organizations around, from Fortune 500 giants to innovative startups. We will expect you to go the extra mile, delivering solutions that solve immediate problems and drive long-term change. And we'll rely on your judgment and integrity to ensure our recommendations are effective and long-lasting. You will take on a role that goes beyond advising. You'll be at the heart of the action-helping to uncover the true challenges behind a client's strategy and creating actionable plans that drive real change. Working alongside clients and other McKinsey colleagues, you'll combine research, analyzing data, interviews, and brainstorming to generate fresh insights and breakthrough solutions. Your commitment to our values will be crucial in earning our clients' trust and delivering results that matter. As you collaborate directly with clients, you'll help them solve problems, refine strategies, and implement transformations. By equipping them with the tools and knowledge to continue innovating and improving after we've left, you'll ensure the impact of our work endures. In doing so, you'll uphold McKinsey's commitment to making a meaningful difference in the industries and communities we serve. * Typically, an undergraduate degree with less than 4 years of work experience; Requirements may vary by country or practice. * Excellent organization capabilities, including the ability to initiate tasks independently and see them through to completion. * Strong communication skills, both verbal and written, in English and local office language(s), with the ability to adjust your style to suit different perspectives and seniority levels. * Proficient in rational decision making based on data, facts, and logical reasoning. * Ability to create work product-focused materials / outputs, which may include PowerPoint decks, Excel models, articles, or other written deliverables. * Exceptional time management to meet your responsibilities in a complex and largely autonomous work environment. * Ability to work or attend meetings outside of traditional business hours or take on projects with limited or no notice at times. * Ability to travel to and work in varying environments that may be challenging and/or not accessible (e.g., factories, hospitals, mines).

Driving lasting impact and building long-term capabilities with our clients is not easy work. You are the kind of person who thrives in a high performance/high reward culture - doing hard things, picking yourself up when you stumble, and having the resilience to try another way forward. In return for your drive, determination, and curiosity, we'll provide the resources, mentorship, and opportunities you need to become a stronger leader faster than you ever thought possible. Your colleagues-at all levels-will invest deeply in your development, just as much as they invest in delivering exceptional results for clients. Every day, you'll receive apprenticeship, coaching, and exposure that will accelerate your growth in ways you won't find anywhere else. When you join us, you will have: * Continuous learning: Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey. * A voice that matters: From day one, we value your ideas and contributions. You'll make a tangible impact by offering innovative ideas and practical solutions, all while upholding our unwavering commitment to ethics and integrity. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes. * Global community: With colleagues across 65+ countries and over 100 different nationalities, our firm's diversity fuels creativity and helps us come up with the best solutions for our clients. Plus, you'll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences. * World-class benefits: On top of a competitive salary (based on your location, experience, and skills), we provide a comprehensive benefits package to enable holistic well-being for you and your family. As a business analyst, you will join a client service team and take ownership of a workstream to solve some of the toughest challenges our clients face. And these aren't just any clients-they're some of the most influential organizations around, from Fortune 500 giants to innovative startups. We will expect you to go the extra mile, delivering solutions that solve immediate problems and drive long-term change. And we'll rely on your judgment and integrity to ensure our recommendations are effective and long-lasting. You will take on a role that goes beyond advising. You'll be at the heart of the action-helping to uncover the true challenges behind a client's strategy and creating actionable plans that drive real change. Working alongside clients and other McKinsey colleagues, you'll combine research, analyzing data, interviews, and brainstorming to generate fresh insights and breakthrough solutions. Your commitment to our values will be crucial in earning our clients' trust and delivering results that matter. As you collaborate directly with clients, you'll help them solve problems, refine strategies, and implement transformations. By equipping them with the tools and knowledge to continue innovating and improving after we've left, you'll ensure the impact of our work endures. In doing so, you'll uphold McKinsey's commitment to making a meaningful difference in the industries and communities we serve. * Typically, an undergraduate degree with less than 4 years of work experience; Requirements may vary by country or practice. * Excellent organization capabilities, including the ability to initiate tasks independently and see them through to completion. * Strong communication skills, both verbal and written, in English and local office language(s), with the ability to adjust your style to suit different perspectives and seniority levels. * Proficient in rational decision making based on data, facts, and logical reasoning. * Ability to create work product-focused materials / outputs, which may include PowerPoint decks, Excel models, articles, or other written deliverables. * Exceptional time management to meet your responsibilities in a complex and largely autonomous work environment. * Ability to work or attend meetings outside of traditional business hours or take on projects with limited or no notice at times. * Ability to travel to and work in varying environments that may be challenging and/or not accessible (e.g., factories, hospitals, mines).