Vulnerability Assessment and Penetration Testing Manager
Kpmg India Services Llp
Apply on company website
Vulnerability Assessment and Penetration Testing Manager
Kpmg India Services Llp
Hyderabad
Not disclosed
Work from Office
Full Time
Min. 5 years
Job Details
Job Description
VAPT / OSCP - Manager
Description
About KPMG in India
KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.
KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.
Responsibilities
- Lead and oversee VAPT engagements (Network, Web, Mobile, API, Cloud, Thick Client).
- Manage and execute Red Team operations, including:
- Adversary simulation
- MITRE ATT&CK–based exercises
- Social engineering (phishing, vishing – where approved)
- Internal and external attack simulations
- Perform and guide advanced exploitation aligned with OSCP-level methodologies.
- Oversee post-exploitation activities, privilege escalation, lateral movement, and persistence testing.
- Ensure accurate risk ratings, root cause analysis, and remediation guidance.
- Review and approve technical reports and executive summaries.
- Lead, mentor, and grow a team of penetration testers and red teamers.
- Conduct performance reviews, skill gap assessments, and training plans.
- Promote best practices, research culture, and continuous improvement.
- Perform technical interviews and support team hiring.
- Act as primary point of contact for key clients and senior stakeholders.
- Scope engagements, estimate effort, and support pre-sales activities.
- Present findings to CISOs, IT Heads, and senior management.
- Provide strategic security recommendations and roadmap inputs
- Define and maintain testing frameworks, SOPs, and playbooks.
- Ensure compliance with standards such as:
- OWASP
- NIST
- ISO 27001
- PCI-DSS
- Support purple teaming activities with Blue Team and SOCs.
- Ensure ethical testing, approvals, and compliance with legal guidelines.
Qualifications
- Strong expertise in:
- Network, Web, Mobile, and API Penetration Testing
- OSCP-style exploitation techniques
- Windows & Linux privilege escalation
- Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket)
- Red Team tools & frameworks:
- Metasploit, Cobalt Strike, Sliver, Empire
- BloodHound, CrackMapExec, Mimikatz
- Vulnerability tools:
- Burp Suite, Nessus, Qualys, Nmap
- Cloud security testing (AWS/Azure) – preferred
- Scripting: Python, Bash, PowerShell (preferred)
Equal employment opportunity information
KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you
Job role
Work location
Hyderabad, Hyderabad-Salarpuria-KPMG, Salarpuria Knowledge City, ORWELL, A Wing, 6th Floor, Unit 3, Sy No. 83/1, Plot No 2, Raidurg, Hyderabad, Telangana, India
Department
IT & Information Security
Role / Category
IT Security
Employment type
Full Time
Shift
Day Shift
Job requirements
Experience
Min. 5 years
About company
Name
Kpmg India Services Llp
Job posted by Kpmg India Services Llp
Apply on company website