National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Senior Penetration Tester - Assistant Manager

KPMG
London
1 month ago
Applications closed

Related Jobs

View all jobs

Senior Penetration Tester

Senior Penetration Tester

Senior Penetration Tester

Senior Penetration Tester

Senior Penetration Tester / Ethical Hacker (C++, C#, PowerShell)

Senior Penetration Tester - Cybersecurity

The Role


At KPMG we are looking for an Assistant Manager who lives and breathes hacking and information security. You will have earned your stripes doing CHECK work in data centres and be ready to, or already skilled in leading teams of talented testers. 
In return we will provide some of the UK’s most unique government and commercial engagements for you to cut your teeth on and a friendly, passionate team to develop and grow.

The Team
The KPMG’s Cyber Defence (CDS) Team conducts client facing technical assurance and penetration testing and has a long and successful history in KPMG. Our clients are diverse and we cover many sectors with particular specialisms in Financial Services, High-end Defence Assurance and Telecommunications. We work closely with the NCSC developing new schemes such as Cross Domain Solutions Testing ( and are members of all current NCSC and CREST testing schemes - as a result we conduct interesting and challenging work that isn’t on offer elsewhere. 
Our team is made up of skilled individuals at different stages in their careers, centred around three locations in Leeds, Bristol and London, therefore we are able to offer flexibility in base location, as well as embracing remote working.

Responsibilities
As this is a senior role, we want your business brain as well as your technical hacking skills. You will have ideas of how to drive the business forward, and be skilled in the commercial aspects of security testing, above all you will know what clients are looking for when they buy security testing and how to deliver it.

Aspects of the role include:
• Delivery of testing and the oversight of junior testers
• Peer review of deliverables (QA) 
• Knowledge sharing
• Continuous development of self, including gaining client feedback.
• Developing constructive client relationships, both inside and outside of KPMG.
• Developing an understanding of KPMG’s broader offerings 
• Contributing to proposals and participating in client presentations.

The Person
Required
• Passion for Hacking!
• Clear and demonstrable understanding of penetration testing and red-teaming including NCSC and CREST accredited schemes.
• Proven experience of successfully delivering testing
• Proven experience working within the UK cyber security industry 
• Demonstrable understanding and practical application of information security principles
• Strong technical background in computing, networks, and programming.
• Proven experience of producing high quality deliverables working alone and as part of a team. 
• Excellent communication skills (written and verbal)
• A genuine interest and desire to work with large multi-national clients in the information security field.

Advantageous:
• Knowledge of working in secure environments (List X facilities) and accredited labs (ISO17025)
• Research and Development experience
• Threat Intelligence experience
• Application testing experience

Qualifications and Skills
Qualifications are a good way to demonstrate knowledge but are not the be all and end all, our team is made up of a large number of individuals with diverse backgrounds who all share the “hacker mindset”. 

If you have the experience then we want you to apply. Didn’t do a degree in information security? A-Levels weren’t as good as you hoped. Haven’t attended every SANS course going, we don’t mind! 

For this role we only have two formal requirements.

• NCSC CHECK Team Member
• UK Government Security Clearance – the ability to apply for and hold SC is required, DV is advantageous.

Above all, KPMG is looking for someone who is passionate about helping our clients (including the UK Government) with their cyber security challenges. In return, we are committed to helping you enjoy the role and develop your skills and career within the KPMG network

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Cyber Security Jobs Employer Hotlist 2025: 50 UK Companies Actively Hiring Right Now

Bookmark this guide—refreshed every quarter—so you always know who’s really expanding their cyber security teams. Ransomware payouts broke records in 2024, the UK’s new Cyber Security Bill imposed mandatory breach disclosure, and the National Cyber Force’s move to Samlesbury has super‑charged the northern skills market. Result? Demand for security architects, SOC analysts, penetration testers, cloud‑security engineers, threat hunters & GRC specialists is at an all‑time high in 2025. Below you’ll find 50 organisations that have posted UK‑based cyber security vacancies or announced head‑count growth during the past eight weeks. They’re organised into five quick‑scan categories. For every employer you’ll see: Main UK hub Example live or recent vacancy Why it’s worth a look (tech stack, culture, mission) Search any company on CyberSecurityJobs.tech to view current ads, or set a free alert so fresh openings land straight in your inbox.

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.

LinkedIn Profile Checklist for Cybersecurity Jobs: 10 Tweaks to Supercharge Recruiter Engagement

In the ever-evolving realm of cybersecurity, having a LinkedIn profile that reflects both your technical prowess and threat-hunting acumen is vital. Organisations are on the lookout for professionals skilled in penetration testing, incident response, security architecture and compliance. With hiring managers scanning dozens of profiles daily, your profile needs to not just rank in searches but convey your expertise in safeguarding digital assets. This step-by-step LinkedIn for cybersecurity jobs checklist offers ten practical tweaks to supercharge recruiter engagement. Whether you’re an aspiring security analyst, a seasoned penetration tester or a chief information security officer aiming for board-level roles, these actionable optimisations will sharpen your LinkedIn presence and position you as a top infosec candidate.