We are KPMG's technology arm in Israel. KPMG delves headfirst into the power of emerging technologies and scientific breakthroughs to craft solutions, projects, and products for companies facing complex business challenges in today's continuously changing world. By uniting groundbreaking technology with industry expertise, we are able to harness the potential of cloud, AI, ML, digital, and cyber to design and implement top-of-the-line tailored solutions.
We are seeking a Cyber Security Assessment Expert who will be responsible for performing in-depth security assessments on various infrastructure components and applications of our clients, both small and big.
This role requires a deep understanding of cybersecurity practices, the ability to identify and mitigate security vulnerabilities, and expertise in assessing both on-premises and cloud-based systems.
The Expert will work closely with development, infrastructure, and security teams to ensure the Client’s organization systems remain secure against internal and external threats.
Key Responsibilities:
Security Testing & Assessments:

• Conduct comprehensive security assessments on infrastructure components such as servers, networks, firewalls, databases, and cloud environments.
• Perform application audits, which includes API security, WAF configuration, and implementing best practices.
• Identify vulnerabilities, misconfigurations, and weaknesses in systems, applications, and network environments.

Vulnerability Management:

• Analyze and prioritize identified vulnerabilities and work with teams to remediate findings.
• Assist with the development and implementation of mitigation strategies to address vulnerabilities.
• Perform periodic retesting of identified vulnerabilities to confirm mitigation.

Security Reporting & Documentation:

• Document findings in clear, concise reports, providing actionable recommendations for security improvements.
• Develop comprehensive security assessment reports, including executive summaries for management.

Compliance & Risk Management:

• Ensure security assessments align with industry regulations, standards (e.g., ISO 27001, NIST, PCI-DSS), and organizational policies.

Requirements:

• 2-3 years of experience in Conducting security assessments
• Technical Background with technologies, products and solutions in the field of information and cyber security such as: Firewalls, Mail Relay, Proxy, NAC, EDR, VPN, SIEM etc.
• Proficiency in working in Windows environments: Active Directory, Exchange.
• Knowledge in Networking protocols technology & Hybrid environments architecture
• Cyber Security certifications from different vendors – advantage
• Working for a consulting or integration company – Advantage
• Location – Client Site & Office

Skills

• Technical, up to date knowledge, hands-on security implementation professional
• Capable learner who can expand to related and new cyber domains
• Personal abilities to multi-task, work well under pressure and well organized
• Excellent communication, reporting and presentation skills
• Fluent English - reading, speaking and writing technical reports (additional languages - an advantage)

The position is open for all genders as well as people with disabilities.