New York Jobs

Department of Labor Careers

Job Information

KPMG Application Security (AppSec) Lead Specialist in New York, New York

Application Security (AppSec) Lead Specialist

Orlando, Florida

Requisition #: 46757

Practice Area: Advisory

Location: Denver, CO; Orlando, FL; Atlanta, GA; Chicago, IL; Grand Rapids, MI; New York, NY

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking an Application Security (AppSec) Lead Specialist to join ourpractice.

Responsibilities:

  • Provide technical leadership in the assessment, design and implementation of application security

  • Improve and manage the application security program and the company wide secure development standards

  • Conduct code reviews and static & dynamic code analysis

  • Effectively delivers technical debriefs to stakeholders including technical staff, stakeholders and leaders

  • Perform and oversee application and mobile security vulnerability assessments and penetration testing and provide vulnerability remediation guidance

  • Develops scripts, tools, methodologies and best practices to improve team capabilities while articulating business risks of technical vulnerabilities to client personnel; Scope prospective engagements and developing proposals; Identify and communicate findings to client personnel

Qualifications:

  • Minimum five years of experience in Information Security in the areas of application security, security engineering, or cloud security

  • Bachelor's degree from an accredited college/university or equivalent professional experience

  • Understanding of Software Development Life Cycle (SDLC) and DevOps processes; Strong understanding of common application vulnerabilities, including OWASP Top 10

  • Demonstrated experience with enterprise application development in one or more of the common development platforms: Python, Java/J2EE, .Net/C#, C/C++, Python, PHP

  • Prior working knowledge of security testing practices & tools (Fortify, BurpSuite, Contrast Security, Checkmarx, etc.); common application security testing techniques (SAST, DAST, IAST); Knowledge of networking and system level concepts such as web application architecture, REST APIs, SOAP, jQuery, AJAX CISSP, OSCP, GWAPT, GPEN GXPN certifications; Strong knowledge of Waterfall, Agile methodologies and continuous integration

  • Experience writing enterprise security standards, policies and coding guidelines; knowledge of secure coding practices, success with application security design and architecture; experience in application security vulnerability assessments and penetration testing

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. Thecontains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

Our Benefits

Health

KPMG offers a range of medical insurance options to meet your needs as well as prescription drug coverage, health care flexible spending accounts, and dependent day care flexible spending accounts.

Personal Time Off (PTO)

Up to 30 PTO Days per year (depending on job classification/level/years of service).

Financial

  • 401(k) and Pension Plans

  • Dependent Care Flexible Spending Account

  • Health Care Flexible Spending Account

  • Mortgage Assistance Program

  • HomeBenefits@Work Program

  • Hyatt Legal Plan

  • Benefits vary by employment status.

DirectEmployers