Cybersecurity Senior Consultant

KPMG Azerbaijan is seeking an experienced and technically strong Senior Consultant in Cybersecurity to join our Technology Consulting practice in Baku. This role is ideal for professionals who thrive in technical cybersecurity engagements, including penetration testing and security assessments, while also advising clients on how to strengthen their overall cyber resilience.

Responsibilities

‒ Conduct technical cybersecurity assessments including penetration testing of web, mobile, APIs, cloud, infrastructure, and Active Directory environments, applying industry-leading methodologies and tools.

‒ Translate technical findings into business impact, preparing and delivering high-quality reports, presentations, and workshops tailored to both technical and executive-level stakeholders.

‒ Support clients in developing cybersecurity strategies, architectures, and roadmaps, aligning technical outcomes with business priorities and regulatory obligations.

‒ Coach and review the work of junior consultants, helping build a high-performing team.

‒ Ensure timely, client-focused, and quality delivery of project tasks, contributing to overall engagement success.

Requirements

‒ Bachelor’s or Master’s degree in Information Security, Computer Science, Engineering, or a related discipline.

‒ 3–6 years of hands-on experience in penetration testing and technical cybersecurity assessments.

‒ Strong communication and presentation skills with the ability to explain technical concepts to non-technical audiences in both Azerbaijani and English (Turkish/Russian is a plus).

‒ Proven analytical and problem-solving skills in complex client environments.

‒ Demonstrated professionalism, integrity, and quality focus in client-facing projects.

‒ Relevant cybersecurity certifications such as OSCP, OSWE, GPEN, GXPN, CEH, CISSP (or equivalent) are highly desirable.

Technical & Consulting Skills (Preferred):

‒ Solid expertise with penetration testing methodologies and tools (Burp Suite, Metasploit, Nmap, Kali Linux, etc.).

‒ Deep understanding of vulnerabilities and secure coding (OWASP Top 10, SANS Top 25).

‒ Practical knowledge of Active Directory assessments, cloud security testing (AWS, Azure), and social engineering exercises.

‒ Knowledge of scripting/programming (Python, PowerShell, Bash, Java, etc.) to support automation and testing efficiency.

‒ Proficiency in preparing client deliverables using MS Office (Excel, Word, PowerPoint, Visio).