KPMG Baltics OÜ


Penetration tester

We are looking for a Junior/Senior Penetration Tester.
You will be an integral member of our team who supports enterprise-wide information systems through tests that follow the attack lifecycle, by scoping, preparing, and delivering goal oriented
assessments that positively benefit our customers' prevention, detection and response capabilities.

Your responsibilities will be:

• Performing “Black, Grey, and White Box” internal and external
pentests against systems to determine vulnerabilities and offer
mitigation strategies
• Performing pentests as part of system authorization assessments,
and following up pentests to confirm remediation of vulnerabilities
identified during previous assessments
• Performing web application pentests
• Performing vulnerability risk assessments and physical pentests
• Assisting in cyber incident response as needed for programs and in
support of the incident response team.

We expect you to have:
• At least 1 year's experience in a Penetration Testing Role, or a Bachelor’s
degree with minimum 1 year of security technology work experience
• Intermediate scripting, system administration or software engineering
background (e.g. Python, Ruby, Javascript, Perl, or Java)
• Fluent in a variety of web application protocols, operating systems and
networking technologies
• Strong understanding of common network vulnerabilities, OS vulnerabilities
(Linux, Windows and OSX), patching and attack patterns
• Intermediate understanding of OWASP Top 10 vulnerabilities such as XSS,
XSRF, SQL Injection, Cookie Manipulation among others
• Experience with testing applications against OWASP Top 10 vulnerabilities
• Intermediate knowledge of the MITRE ATT&CK framework
• Strong analytical, problem solving and engineering skills,
good written and verbal communication skills
• Experience with parsing / analysis of large data sets
(e.g. vulnerability scan results)