Be at the heart of actionFly remote-controlled drones into enemy territory to gather vital information.

Apply Now

Cyber Defence Services - Manager

KPMG-UnitedKingdom
Birmingham
9 months ago
Applications closed

Related Jobs

View all jobs

Senior IT Infrastructure & Support Engineer

Account Manager

Solution Architect

Solutions Architect / Infrastructure Architect

SOC Shift Leader – Stevenage

IT Support, Team Lead (On-site MSP)

Job description

Manager

Job title: Cyber Defence Services - Manager
Location: UK
Line of Business: Advisory - Risk Consulting Service Area: Cyber Security

As the Pen Test Manager, you'll be responsible for leading and mentoring a team of talented penetration testers, ensuring the successful delivery of critical security assessments for our diverse clientele. You'll wear multiple hats, acting as a technical expert, project manager, and strategic leader, driving both individual and team growth.

Who is it for?

This role is perfect for you if you possess:

5+ years of experience in penetration testing Proven leadership skills and the ability to motivate and inspire others Strong technical expertise in various penetration testing methodologies Excellent communication and interpersonal skills A passion for cybersecurity and a desire to stay ahead of the curve

Why is it a great opportunity?
Make a real difference: Your work will directly impact the security posture of our clients, protecting them from real-world threats.Lead a high-performing team: Foster a collaborative and supportive environment where your team can thrive and excel.Continuous learning and development: We invest in your growth, providing opportunities to expand your skillset and stay at the forefront of the industry.Competitive compensation and benefits: We value your expertise and offer a rewarding package to match.If you're ready to take your career to the next level and make a lasting impact in the cybersecurity landscape, apply now!

Description of The Role

The manager of a pen test team wears many hats, juggling responsibilities that span both the technical and business realms.

Leading the Team:
Training and Development: Nurturing the skills of the team is paramount. The manager identifies individual strengths and weaknesses, curating training programs and fostering a culture of continuous learning.Engagement Management: Acting as the primary point of contact for clients, the manager oversees project delivery, ensuring client satisfaction and exceeding expectations.Proactive Leadership: Identifying opportunities to improve business operations is key. The manager takes initiative, proposing and implementing changes that streamline processes and enhance efficiency.Driving Growth and Success:
Ownership and Accountability: The manager takes ownership of positive outcomes, celebrating team achievements and learning from setbacks.Team Development: Fostering a positive and collaborative environment is crucial. The manager empowers team members, encouraging open communication and knowledge sharing.Financial Acumen: Managing engagement risk and financials is essential. The manager monitors budgets, identifies potential risks, and ensures project profitability.In essence, the manager of a penetration testing consultancy firm is a strategic leader, a technical expert, and a motivator, driving both individual and organisational success.

Role Dimensions

Leadership & Management:

Concisely detail the nature, breadth and depth of leadership and management responsibility/guidance that the role provides to others, the number of direct reports and the total number in the entire population the role is accountable for.

Stakeholder Interaction & challenges:

State the level, nature and frequency of stakeholder interaction, including clients and for Audit, entities we audit [for roles posted externally use sector Banking, Retail not names. Nature of challenges/complexity/ judgement.

Impact, Risk, Accountability & Governance:

Detail the type and size of impact of the role, how it affects the business and which part(s) of the business. ( whole firm, within capability, performance group). Please include the level of governance and risk the role is accountable for.

Job Description

Manager Grade

We have an exciting opportunity for a Manager to join our friendly, passionate Cyber Defence team to provide our clients with excellent service across technical assurance and penetration testing. The team live and breathe hacking and information security and offer unique opportunities across government and commercial engagements.

The KPMG's Cyber Defence (CDS) Team has a long and successful history in KPMG, our clients are diverse and we cover many sectors with particular specialisms in Government, High-end Defence Assurance and Telecommunications. We work closely with the NCSC developing new schemes such as Cross Domain Solutions Testing ( and are members of all current NCSC and CREST testing schemes - as a result we conduct interesting and challenging work that isn't on offer elsewhere.

Our team is made up of skilled individuals at different stages in their careers, centred around three locations in Leeds, Bristol and London, therefore we are able to offer flexibility in base location, as well as embracing remote working.
As a Manager, we want your business brain as well as your technical hacking skills. You will bring ideas of how to drive the business forward, and be skilled in the commercial aspects of security testing, above all you will know what clients are looking for when they buy security testing and how to deliver it.
Responsibilties:
Management and delivery of penetration testing services to clients to include the following:ScopingFinancial and risk managementDelivery of testing and the oversight of testersReview of deliverables (QA)Coaching and developing team members through sharing of experience and knowledge.Performance management of junior staff.Continuous development of self and team, including managing client feedback.Developing constructive client relationships, both inside and outside of KPMG.Developing an understanding of KPMG's broader offerings to enable identification of business opportunitiesBusiness development including contributing to proposals and participating in client presentations.
Skills and Experience

Required:
Clear and demonstrable understanding of penetration testing and red-teaming including NCSC and CREST accredited schemes.Proven experience of successfully managing and delivering testingProven experience working within the UK cyber security industryDemonstrable understanding and practical application of information security principlesStrong technical background in computing, networks, and programming.Proven experience of producing high quality deliverables working alone and as part of a team.Excellent communication skills (written and verbal)Experience leading, coaching and mentoring highly technical teamsA genuine interest and desire to work with large multi-national clients in the information security field.
Advantageous:
Knowledge of NCSC CTAS and CPA Assurance SchemesKnowledge of working in secure environments (List X facilities) and accredited labs (ISO17025)Research and Development experienceThreat Intelligence experience
Qualifications and Skills

Qualifications are a good way to demonstrate knowledge but are not the be all and end all, our team is made up of a large number of individuals with diverse backgrounds who all share the "hacker mindset".

For this role we only have two formal requirements:

CCT-App or CCT-INF.UK Government Security Clearance - the ability to apply for and hold SC is required, DV is advantageous.
Above all, KPMG is looking for someone who is passionate about helping our clients (including the UK Government) with their cyber security challenges. In return, we are committed to helping you enjoy the role and develop your skills and career within the KPMG network

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Cyber Security Recruitment Trends 2025 (UK): What Job Seekers Must Know About Today’s Hiring Process

Summary: UK cyber security hiring has shifted from title‑led CV screens to capability‑driven assessments that emphasise incident readiness, cloud & identity security, detection engineering, governance/risk/compliance (GRC), measurable MTTR/coverage gains & secure‑by‑default engineering. This guide explains what’s changed, what to expect in interviews, & how to prepare—especially for SOC analysts, detection engineers, blue/purple teamers, penetration testers, cloud security engineers, DFIR, AppSec, GRC & security architecture. Who this is for: SOC & detection engineers, security operations leads, DFIR analysts, penetration testers/red teamers, purple teamers, AppSec/DevSecOps engineers, security architects, cloud security engineers, identity/IAM engineers, vulnerability managers, GRC/compliance specialists, product security & security programme managers targeting roles in the UK.

Jobs

Why Cyber Security Careers in the UK Are Becoming More Multidisciplinary

Cyber security used to be viewed primarily as a technical discipline: firewalls, encryption, intrusion detection, penetration testing. In the UK today, it’s far broader. Organisations now face complex legal frameworks, ethical dilemmas, human-behaviour risks, communication challenges & usability hurdles. This shift means cyber security careers are becoming more multidisciplinary. From protecting NHS patient records to defending financial services, securing supply chains & safeguarding national infrastructure, cyber security now touches every sector. Employers increasingly want professionals who understand law, ethics, psychology, linguistics & design alongside traditional technical skills. In this article, we’ll explore why UK cyber security careers are expanding in this way, how these five disciplines shape the profession, and what job-seekers & employers need to know to thrive in this new landscape.

Jobs

Cyber Security Team Structures Explained: Who Does What in a Modern Cyber Security Department

Cyber security has become a top priority for UK organisations of all sizes. From small businesses to financial institutions, healthcare providers, and government bodies, the risk of cyber attack is now a constant concern. Threats are more sophisticated, regulations more demanding, and customers more aware of data privacy than ever before. But defending against cyber threats isn’t simply about having the right tools — it’s about having the right team. A modern cyber security department relies on clearly defined roles and responsibilities to ensure that defences are proactive, incidents are managed swiftly, and compliance is maintained. This article explains the structure of a modern cyber security team, the roles you’ll typically find within it, how they collaborate, and what skills, qualifications, and salaries are expected in the UK job market.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.