Penetration Testing Manager

The world of global advisory audit and tax compliance services for large multi-nationals is rapidly changing and heavily dependent on technology.

The KPMG Delivery Network (KDN) is a KPMG special purpose member firm offering a way for clients to leverage KPMG top talent and technology platforms through regional teams of specialists enabling economies of scale and a new way of working that expands beyond local capability

Together with KDN KPMG member firms can drive the sales and delivery of global solutions at a competitive price and in a repeatable and consistent manner. As a member of KDN youll be a part of the KPMG family working alongside some of our professions most skilled practitioners on rewarding programs and initiatives that are changing the way business operates delivering value to our clients and driving positive change in the communities we serve.

Youll be enabling KDN accelerate new ways of working using cutting-edge technology and working together with our member firms located in nearly 150 countries to help us achieve our ambition to be the most trusted and trustworthy professional services firm.

And through your work youll build a global network and unlock opportunities that you may not have thought possible with access to great support vast resources and an inclusive supportive environment to help you reach your full potential.

Our KDN Bulgaria Cloud Services Unit is focused on designing building securing and managing cloud native & hybrid platforms for the KPMG group of member firms as well as providing cloud advisory and engineering services to external clients.

Your Responsibilities:

Exploitation depth (2 areas):

• Web/API: Manual exploitation beyond scanners; SSRF (incl. IMDS) IDOR/BOLA OAuth/OIDC/JWT issues deserialization template injection GraphQL authZ file upload/RCE.

• Internal/AD: Kerberoasting & ASREP roast constrained/unconstrained delegation RBCD ADCS abuses (e.g. ESC1/ESC8) NTLM relay/LLMNR lateral movement and path analysis (within scope). Infrastructure & Enterprise Assessments (ISSAFaligned): Ability to plan and execute structured assessments of enterprise environments using ISSAF (or equivalent PTES/OSSTMM/NIST800115) covering network/perimeter testing segmentation control validation host/service hardening review (Windows/Linux) identity/directory platforms at a capability level (e.g. AD/Azure AD/LDAP) remote access (VPN/VDI/SSO/MFA) wireless posture (802.11) and network device configuration review (firewalls/routers/switches). Emphasis on recon -> enumeration -> vuln validation -> exploitation -> postexploitation triage -> evidencedriven reporting strictly within ROE.

• Cloud (AWS/Azure): IAM privilege escalation role assumption via SSRF misconfig exploitation (S3/Blob policies) Managed Identity abuse basic Kubernetes/RBAC misconfigs.
  
  

What you bring in:

• Certifications: OSCP (required); OSWE preferred or equivalent demonstrable webexploitation depth (portfolio writeups tooling).
• Engagement leadership: Proven ability to scope ROE plan tests lead execution ensure QA and deliver readouts; aligns to PTES / NIST 800115 and OWASP ASVS/WSTG.
• Tooling & scripting: Burp Suite Pro; Nmap; Impacket/Responder; BloodHound/SharpHound; CrackMapExec; Kerbrute; Python/PowerShell/Bash for PoCs and oneoffs; Git for versioning.
• Reporting & communication: Evidencedriven reproducible findings with clear business impact and remediation; confident executive & engineering readouts.
• Governance: Strong data handling logging and chainofcustody discipline; operates strictly within ROE and client compliance environments (e.g. ISO 27001 PCI DSS etc).
• Nice to have: Presales/SOW creation mentoring and playbook/tooling development.
• Fluent English language skills are a must

What we offer:

• The chance to work in a top talent team
• Attractive remuneration
• Build knowledge in cutting-edge technologies
• Opportunity for continuous training learning and certification
• Experience in an international and multicultural organization
• Work on challenging projects with clients in various industries around the globe
• Modern office environment
• Additional health insurance
• Life insurance
• 50 benefits and services to choose from
• Hybrid working policy