Manager - Offensive Security Manager

At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

Are you a talented individual with a proven track record on executing project deliverables.  

Our Vancouver team is looking for a highly motivated and technically competent Cyber Security professional at a Manager level to join our team! As a member of KPMG Canada’s cross-functional Cyber team, you will be dedicated to enabling our clients' enhancement of their cyber security posture, securing vulnerabilities in their infrastructure and critical applications.

A career within our Cybersecurity Services, will provide you with the opportunity to help our clients implement an effective cybersecurity program that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organizations, partners, and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate, and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

KPMG’s leading cyber security practice provides a comprehensive suite of cyber security services, from cyber governance, strategy, defense, and response, through to complete end-to-end cyber security transformation services. This is an exciting opportunity for talented, energetic people to join a practice that is experiencing significant growth. We are looking for candidates who have demonstrated academic, business, and technical excellence, strong all-around capabilities, and fit with our culture. Individuals who can work in a dynamic, fluid, and entrepreneurial environment will excel, and will find a wide range of opportunities within our growing practice. It is an excellent opportunity for those that are looking to work in a firm and department with great career progression opportunities and wanting to be part of building a premier cyber consulting team.

Find out more about KPMG Cyber Defense.

As a Manager on in Offensive Security services on the Cyber Defense team, you will work as part of a dedicated group of problem solvers with extensive consulting, technical cyber security and industry experience, helping our clients solve their complex technical cyber security issues from identifying vulnerabilities in a client’s infrastructure/applications to assisting our clients in building a layered defense to prevent potential future cyber-attacks. Specific responsibilities include but are not limited to:

• Engage with a variety of clients on penetration testing projects and tasks ranging from: network and application discovery and scoping, vulnerability enumeration, exploitation testing, documentation of results and recommendations.
• Manage a technical team to perform vulnerability assessments, network and application mapping and explorative exercises, analyze misconfigurations in infrastructure and applications.
• Provide recommendations and advise on steps to mitigate the current level of exploitation, present risks and remediate the potentially vulnerable environment and remove the ability of ongoing/future attacks.
• Manage a team of technical experts to analyze results of assessment and create technical accurate and articulate reports in a business professional language, to be shared with technical stakeholders, executive stakeholders and potential third parties.
• Conduct research and development on technical cyber security topics, common attack vectors, infrastructure design/ technologies and offensive security testing methods.

Technical Skills / Qualifications:

• Bachelor’s degree (or higher) in Computer related studies (e.g., Computer Science, Information Systems or a related discipline) or Math/Science related studies (e.g., Mathematics, Physics, Engineering, etc.). Master’s level degree is an asset (in the field of Computer Science, Information Systems, Data Science, or another related field).
• At least one, entry level, technical security related certifications e.g., CEH (Practical), eJPT, PWPA, etc.).
• An advanced technical certification in Penetration Testing: OSCP, OSEP, OSED, eCPPTv2, eCPTX, OSWE, PWPP, PJPT, PNPT, etc. is highly desired.
• Certifications and/or certificates of completion from Online Penetration Testing/Red Teaming Lab services (e.g., HacktheBox, TryHackMe, Burp Suite Web Academy, etc.) is desirable.
• 4-7 years of professional hands-on, technical, cybersecurity and penetration testing experience that includes issue identification and detailed analysis, identification and exploitation of vulnerabilities, providing detailed recommendations to issues, providing written and verbal feedback to clients, and formal detailed business level reporting in a business capacity.
• Experience in external/internal infrastructure and web application penetration testing. Cloud penetration testing is desirable.

Management Skills:

• 1-3 years on management experience within a cyber security team, managing technical cyber security projects, managing and guiding technical cyber security experts and providing deliverables to stakeholders.
• Experience managing multiple team members across multiple projects, creating and managing project budgets, project planning, timeline management, stakeholder status reporting and stakeholder feedback sessions.
• Experience in business development, writing proposals, engaging in stakeholder sales conversations, and converting opportunities into engagements/projects.
• Experience in guiding, coaching and training junior cyber security team members in technical cyber security skills, consulting skills and engagement delivery.

General Consulting Skills:

• Previous experience in consulting (professional services/consulting firm) is an asset.
• Be able to hold client conversations on technical and non-technical topics, engagement status, business development activities, etc. You must be able to converse independently and add value to these conversations.
• Excellent analytical, problem solving and outside-the-box thinking, you are organized and methodical, with strong attention to detail and ability to analyze and interpret information.
• Comfortable with ambiguous tasks and objectives, able to self-lead and determine steps to complete tasks, create a self-driven action plan.
• Must be able to work independently, communicate with your team and keep your team’s leadership informed on your progress and how you’re approaching the completion of the project’s objectives.
• Professional verbal and written communication skills; able to clearly communicate issues and solutions to all levels on technical, formal and informal basis.
• Willingness and ability to travel across British Columbia, Ontario and more widely within Canada when required.

KPMG BC Region Pay Range Information   

The expected base salary range for this position is $93,000,000 to $155,000 and may be eligible for bonus awards. The determination of an applicant’s base salary within this range is based on the individual’s location, skills & competencies, and unique qualifications. In addition, KPMG offers a comprehensive and competitive Total Rewards program.

Providing you with the support you need to be at your best

Integrity, we do what is right | Excellence, we never stop learning and improving | Courage, we think and act boldly | Together, we respect each other and draw strength from our differences | For Better, we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice.

Adjustments and accommodations throughout the recruitment process

At KPMG, we are committed to fostering an inclusive recruitment process where all candidates can be themselves and excel. We aim to provide a positive experience and are prepared to offer adjustments or accommodations to help you perform at your best. Adjustments (informal requests), such as extra preparation time or the option for micro breaks during interviews, and accommodations (formal requests), such as accessible communication supports or technology aids, are tailored to individual needs and role requirements. You will have the opportunity to request an adjustment or accommodation at any point throughout the recruitment process. You will have an opportunity to request an adjustment or accommodation at any point throughout the recruitment process. If you require support, please contact KPMG’s Employee Relations Service team by calling 1-888-466-4778.