Michigan IT Jobs

Mobile michigan-jobbank Logo

Job Information

KPMG Application Security (AppSec) Senior Specialist in Grand Rapids, Michigan

Application Security (AppSec) Senior Specialist

Chicago, Illinois

Requisition #: 46755

Practice Area: Advisory

Location: Denver, CO; Orlando, FL; Atlanta, GA; Chicago, IL; Boston, MA; Grand Rapids, MI; New York, NY

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking an Application Security (AppSec) Senior Specailist to join ourpractice.

Responsibilities:

  • Perform risk based, technical assessments of applications, using both dynamic and static scanning tools, produce reports, open tickets in work tracking systems (e.g. Jira), and meet with development teams as required

  • Implement, operate and maintain application security tools, such as static application security testing (SAST) and dynamic application security testing (DAST) tools

  • Execute application penetration testing to exploit vulnerabilities, document results and provide recommendations

  • Perform application threat modeling, articulate business risks of technical vulnerabilities to client personnel, assist with scoping prospective engagements and developing proposals

  • Maintain working knowledge of advanced cyber threat actor tactics, techniques, and procedures.

  • Keep up-to-date with industry changes by attending training, understanding emerging security practices and standards

Qualifications:

  • Minimum three years of experience in information security preferably in the areas of application security, or security engineering

  • Bachelor's degree from an accredited college/university or equivalent professional experience

  • Understanding of Software Development Life Cycle (SDLC) and DevOps processes, common application vulnerabilities, including OWASP Top 10

  • Experience with application security penetration testing and performing baseline static/dynamic application security assessments (SAST/DAST) on new applications and changes to applications

  • Familiarity with cloud-based (e.g., AWS, Azure) application development services and tool and application security scanning technologies (Veracode, AppScan, Fortify, Contrast Security, Checkmarx or similar) such as static application security testing (SAST), dynamic application security testing (DAST)

  • Knowledge of white hat hacker tools such as Burp, Sqlmap, Nikto, Nmap, Wireshark and source code analyzers

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. Thecontains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

Our Benefits

Health

KPMG offers a range of medical insurance options to meet your needs as well as prescription drug coverage, health care flexible spending accounts, and dependent day care flexible spending accounts.

Personal Time Off (PTO)

Up to 30 PTO Days per year (depending on job classification/level/years of service).

Financial

  • 401(k) and Pension Plans

  • Dependent Care Flexible Spending Account

  • Health Care Flexible Spending Account

  • Mortgage Assistance Program

  • HomeBenefits@Work Program

  • Hyatt Legal Plan

  • Benefits vary by employment status.

DirectEmployers