KPMG : Consultant – VAPT / Application Security / Red Teaming

CategoryDetails
CompanyKPMG India
Job TitleConsultant – VAPT / Application Security / Red Teaming
Job IDINTG10039772
DepartmentCyber Security – VAPT / Application Security
Job TypeFull-Time
Primary Job LocationBengaluru
Office Location MentionedKochi – Nippon Q1, Level-5
Experience Required6+ Years in VAPT, Application Security, or Security Research
Minimum QualificationNot specified (Bachelor’s degree in Computer Science, Information Security, IT, or related field is generally preferred)
Job PurposePerform Vulnerability Assessment & Penetration Testing (VAPT), Application Security Testing, Red Teaming, Source Code Review, Security Research, and Security Automation to identify and remediate vulnerabilities across enterprise applications and infrastructure.
Key Responsibilities• Perform VAPT for Web, Mobile, APIs, Network, Cloud, and Infrastructure.• Identify, exploit, validate, and document security vulnerabilities.• Conduct secure source code reviews.• Develop Proof-of-Concept (PoC) exploits.• Prepare detailed technical reports with risk ratings and remediation recommendations.• Work with Product, Development, Infrastructure, and Security teams to resolve findings.• Research emerging threats, exploits, vulnerabilities, and security tools.• Participate in Red Team / Blue Team exercises.• Align testing with OWASP, MITRE ATT&CK, SANS, NIST, and ISO 27001 standards.• Automate security testing using scripts and tools.• Support compliance audits and security certifications.
Technical SkillsVAPT, Application Security, Red Teaming, Web Security, Mobile Security, API Security, Network Security, Cloud Security, Infrastructure Security, Source Code Review, Security Research, Secure Coding, Technical Reporting
Security FrameworksOWASP Top 10, MITRE ATT&CK, SANS, NIST, ISO 27001
Security ToolsBurp Suite, Metasploit, Nmap, Nessus, Wireshark, Kali Linux, Nikto, Fortify, OWASP ZAP, MobSF
Programming / ScriptingPython, Bash, PowerShell (or similar scripting languages)
Cloud KnowledgeAWS, Microsoft Azure, Google Cloud Platform (GCP) – Preferred
Core CompetenciesManual Penetration Testing, Exploit Development, Vulnerability Validation, Analytical Thinking, Problem Solving, Security Automation, Cross-functional Collaboration
Posting Date02 July 2026
Career LevelConsultant (Mid–Senior Level Cyber Security Professional)

Click here to apply

Leave a Comment