Penetration Tester (Middle)

We’re seeking a skilled and motivated Middle Penetration Tester to join our Cybersecurity team in Astana/Almaty and support clients in identifying and addressing security vulnerabilities. In this role, you’ll participate in penetration testing engagements, assess organizations’ security posture, analyze potential threats, and help develop effective remediation strategies for clients across industries, including financial services and public sector.

• Conduct penetration testing activities to identify vulnerabilities and assess the effectiveness of clients’ security controls.
• Perform security assessments of technical infrastructure, including host-based log analysis and network analysis to identify potential compromises.
• Analyze security testing results and provide recommendations for remediation of identified vulnerabilities.
• Support the development of clear and comprehensive security assessment reports for clients.
• Participate in cybersecurity projects, collaborate with team members, and contribute to improving clients’ information security posture.

Required qualifications:

• A Bachelor’s or Master’s degree in Information Technology, Cybersecurity, or a related field.
• 1+ years of relevant experience in penetration testing, application security, cybersecurity consulting, or related areas.
• Knowledge of Windows, Unix/Linux, TCP/IP, IDS/IPS, and web content filtering technologies.
• Fluency in English (written and spoken).

Preferred qualifications:

• An understanding of IT General Controls and cybersecurity frameworks (e.g., NIST Cybersecurity Framework, ISO 27001).
• Experience with at least one object-oriented programming language (Python, Ruby, Java, etc.).
• Hands-on experience with cybersecurity learning platforms such as Hack The Box, TryHackMe, or PortSwigger.
• Experience participating in Capture The Flag (CTF) competitions.
• Relevant certifications such as OSCP or CPTS.

• The opportunity to work on challenging cybersecurity projects for leading organizations in the financial and public sectors.
• The chance to develop expertise in penetration testing and cybersecurity consulting within a global professional services environment.
• Collaboration with experienced cybersecurity professionals and access to knowledge-sharing opportunities.
• A dynamic and supportive team culture with opportunities for professional growth.

Ready to take the next step in your cybersecurity career? Apply now and join KPMG to help organizations strengthen their security and protect against evolving cyber threats.