Application Security Engineer (Cyber Security)

KPMG is a global network of independent member firms offering audit, tax and advisory services. We are looking for a cybersecurity consultant with an expertise in providing security code review and implementing application security controls. 

— Conduct comprehensive security assessments for diverse applications to identify vulnerabilities and weaknesses;
— Conduct thorough code reviews to identify security flaws and potential vulnerabilities;
— Assist in the development of secure coding standards and best practices;
— Assist in the development of long-term security strategies aligned with business objectives;
— Maintain the technical means of supporting secure coding practices, including security related tools and libraries;
— Assist in the development and implementation of cybersecurity policies, procedures, and controls;
— Ensure that documented policies align with industry best practices and regulatory requirements;
— Participate in the process of forming thorough and easy-to-understand reports.

— Completed relevant Bachelor/ Master degree in IT and/or Cybersecurity fields;
— Minimum 3+ years of relevant work experience;
— Writing and speaking skill in Kazakh, Russian and English;
— Advanced understanding of information security principles, controls, and technologies;
— In-depth knowledge of security best practices, coding standards, and methodologies.
— Familiarity with security tools and frameworks (e.g., OWASP Top 10, Burp Suite, etc.).
—   Certifications: CSSLP, CASE, GWEB;

—   Proficiency in at least two of the following languages and their appropriate frameworks: C#, Go, Python, JavaScript, PowerShell;

—   In-depth understanding with controls-based audits (e.g., OWASP Application Security Verification Standard (ASVS), ISO 27034);

—   Strong understanding of web and mobile application security concepts.

—   Opportunities for professional growth;

—   Great professional IT team and friendly environment;

—   Continuous learning and development;

—   Working in any office of KPMG across Central Asia.