Engineer the Quantum RevolutionYour expertise can help us shape the future of quantum computing at Oxford Ionics.

View Open Roles

Senior Penetration Tester - Assistant Manager

KPMG
West Sussex
3 months ago
Applications closed

Related Jobs

View all jobs

Senior Penetration Tester

Senior Penetration Tester

Senior Secret Cleared Penetration Tester (10+ years) to identify vulnerabilities, assess risks and the overall security posture of systems

BDO Digital Senior Offensive Security Analyst

Security Architect

Senior Application Security Engineer

The Role


At KPMG we are looking for an Assistant Manager who lives and breathes hacking and information security. You will have earned your stripes doing CHECK work in data centres and be ready to, or already skilled in leading teams of talented testers. 
In return we will provide some of the UK’s most unique government and commercial engagements for you to cut your teeth on and a friendly, passionate team to develop and grow.

The Team
The KPMG’s Cyber Defence (CDS) Team conducts client facing technical assurance and penetration testing and has a long and successful history in KPMG. Our clients are diverse and we cover many sectors with particular specialisms in Financial Services, High-end Defence Assurance and Telecommunications. We work closely with the NCSC developing new schemes such as Cross Domain Solutions Testing ( and are members of all current NCSC and CREST testing schemes - as a result we conduct interesting and challenging work that isn’t on offer elsewhere. 
Our team is made up of skilled individuals at different stages in their careers, centred around three locations in Leeds, Bristol and London, therefore we are able to offer flexibility in base location, as well as embracing remote working.

Responsibilities
As this is a senior role, we want your business brain as well as your technical hacking skills. You will have ideas of how to drive the business forward, and be skilled in the commercial aspects of security testing, above all you will know what clients are looking for when they buy security testing and how to deliver it.

Aspects of the role include:
• Delivery of testing and the oversight of junior testers
• Peer review of deliverables (QA) 
• Knowledge sharing
• Continuous development of self, including gaining client feedback.
• Developing constructive client relationships, both inside and outside of KPMG.
• Developing an understanding of KPMG’s broader offerings 
• Contributing to proposals and participating in client presentations.

The Person
Required
• Passion for Hacking!
• Clear and demonstrable understanding of penetration testing and red-teaming including NCSC and CREST accredited schemes.
• Proven experience of successfully delivering testing
• Proven experience working within the UK cyber security industry 
• Demonstrable understanding and practical application of information security principles
• Strong technical background in computing, networks, and programming.
• Proven experience of producing high quality deliverables working alone and as part of a team. 
• Excellent communication skills (written and verbal)
• A genuine interest and desire to work with large multi-national clients in the information security field.

Advantageous:
• Knowledge of working in secure environments (List X facilities) and accredited labs (ISO17025)
• Research and Development experience
• Threat Intelligence experience
• Application testing experience

Qualifications and Skills
Qualifications are a good way to demonstrate knowledge but are not the be all and end all, our team is made up of a large number of individuals with diverse backgrounds who all share the “hacker mindset”. 

If you have the experience then we want you to apply. Didn’t do a degree in information security? A-Levels weren’t as good as you hoped. Haven’t attended every SANS course going, we don’t mind! 

For this role we only have two formal requirements.

• NCSC CHECK Team Member
• UK Government Security Clearance – the ability to apply for and hold SC is required, DV is advantageous.

Above all, KPMG is looking for someone who is passionate about helping our clients (including the UK Government) with their cyber security challenges. In return, we are committed to helping you enjoy the role and develop your skills and career within the KPMG network

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

The Future of Cybersecurity Jobs: Careers That Don’t Exist Yet

Cybersecurity has moved from a specialist concern to a national and global priority. Once seen as an IT issue, it is now a boardroom subject, a government responsibility, and a daily reality for individuals. With the increasing reliance on digital infrastructure, cloud platforms, and artificial intelligence, the risks posed by cyber threats have never been higher. The UK’s cybersecurity sector is thriving. It is home to thousands of companies offering defence services, penetration testing, encryption solutions, and critical infrastructure protection. Demand for cybersecurity skills continues to rise, with both the public and private sector investing heavily to defend against ransomware, nation-state cyber operations, and new forms of digital crime. Yet the industry is still at the beginning of its journey. The technologies that will define the next two decades—artificial intelligence, quantum computing, extended reality, and the Internet of Things—are only just starting to reshape cybersecurity. This means that many of the most important cybersecurity jobs of the future don’t even exist today. This article explores why new roles will emerge, what they might look like, how today’s jobs will evolve, why the UK is well-positioned to lead, and how professionals can prepare.

Seasonal Hiring Peaks for Cybersecurity Jobs: The Best Months to Apply & Why

The UK's cybersecurity sector has emerged as one of the most critical and lucrative technology markets, with roles spanning from security analysts to penetration testers and chief information security officers. With cybersecurity positions commanding salaries from £28,000 for junior security analysts to £140,000+ for senior security architects, understanding when organisations actively recruit can dramatically impact your career trajectory in this essential field. Unlike traditional IT sectors, cybersecurity hiring follows distinct patterns influenced by threat landscapes, regulatory compliance cycles, and incident response requirements. The sector's unique combination of perpetual threat evolution, regulatory pressures, and skills shortages creates predictable hiring windows that strategic professionals can leverage to advance their careers in protecting Britain's digital infrastructure. This comprehensive guide explores the optimal timing for cybersecurity job applications in the UK, examining how cyber threat cycles, compliance deadlines, and government initiatives influence recruitment patterns, and why strategic timing can determine whether you join a cutting-edge security consultancy or miss the opportunity to defend against tomorrow's cyber threats.

Pre-Employment Checks for Cyber Security Jobs: DBS, References & Right-to-Work and more Explained

The cyber security sector in the UK stands at the forefront of protecting national infrastructure, business operations, and personal data from increasingly sophisticated cyber threats. As organisations across all sectors recognise cyber security as a critical business function, employers are implementing the most rigorous pre-employment screening processes in the technology industry to ensure they recruit professionals capable of defending against advanced persistent threats and maintaining the highest standards of security and trustworthiness. Whether you're a penetration tester, security analyst, incident response specialist, or chief information security officer, understanding the comprehensive vetting requirements is essential for successfully advancing your career in this security-critical field. This detailed guide explores the extensive background checks and screening processes you'll encounter when applying for cyber security positions in the UK, from fundamental eligibility verification to the most stringent security clearance requirements and specialised threat intelligence assessments.