Senior SME – Cloud, Application Security Testing

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Join Kyndryl as a Penetration Testing Associate and embark on an exhilarating journey where you'll wield your strategic vision and hands-on expertise to revolutionize our approach to cybersecurity. As an integral part of our team, you'll take charge of the entire lifecycle of customer engagements, transforming the way we safeguard businesses in the digital realm.

At Kyndryl, we believe that staying ahead of the game is essential. As a Penetration Testing Associate, you'll embark on an ongoing journey of discovery, continually learning and exploring new methodologies, staying abreast of the latest security threats, attack techniques, and tools. We encourage and support your relentless pursuit of knowledge, because it is through your unyielding dedication that we can deliver unrivaled protection to our customers.

Join us now and let your passion for cybersecurity shine. Together, we will set new standards, revolutionize the industry, and ensure the highest level of security for our customers. Are you ready to make your mark as a Penetration Testing Associate at Kyndryl?

Your Future at Kyndryl

Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.

Who You Are

Role Overview

We are seeking a highly experienced Subject Matter Expert (SME) for application security testing with at Minimum 8+ years of experience to lead technical governance across cloud-based application security testing initiatives. This role will oversee quality assurance, technical escalation, and alignment with enterprise security standards, ensuring robust and compliant penetration testing practices for web, mobile applications, and APIs hosted on cloud platforms.

Key Responsibilities
Quality Assurance & Oversight

• Own the quality assurance process for all deliverables from testing team on ground.
• Review and validate assessment test plans and final reports for completeness and accuracy.
• Ensure high and critical findings are correctly identified and documented.
• Evaluate test case coverage to ensure comprehensive security assessments across web, mobile apps, and APIs.

Technical Leadership

• Act as the escalation point for complex technical issues and disputes.
• Provide expert guidance on cloud-native application security testing and penetration testing methodologies.
• Validate accuracy and testing coverage, specially for high and critical findings
• Support on ground testing resources through targeted training and mentorship.

Cloud Architecture Awareness

• Demonstrate deep understanding of how cloud services (IaaS, PaaS, SaaS) function behind applications.
• Ensure testing strategies account for cloud-native components such as serverless functions, containers, API gateways, identity services, and storage configurations.

Governance & Compliance

• Ensure all testing activities comply with industry standards such as OWASP, NIST, CSA, CIS Benchmarks, etc.
• Maintain alignment with enterprise security policies and DevSecOps practices.
• Liaise with enterprise security, DevSecOps, and cloud platform teams to ensure strategic alignment and timely resolution of issues.

Stakeholder Engagement

• Serve as the central point of contact for customer escalations, including technical disputes, delays, and high-priority issues.
• Collaborate with internal and external stakeholders to ensure governance objectives are met.

Preferred Certifications

• OSCP – Offensive Security Certified Professional
• CEH – Certified Ethical Hacker
• CCSP – Certified Cloud Security Professional
• GIAC GPEN / GWAPT / GCPN – GIAC Penetration Testing, Web App Pen Testing, Cloud Pen Testing
• AWS Certified Security – Specialty, Azure Security Engineer Associate, or equivalent cloud platform certifications
• At least one cloud certification is must

Qualifications

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 8+ years of experience in cloud security, application security testing, and penetration testing.
• Proven experience in testing web, mobile applications, and APIs hosted on cloud platforms.
• Strong understanding of cloud architecture and services (AWS, Azure, GCP).
• Familiarity with security frameworks (OWASP, NIST, CSA, CIS).
• Experience in technical governance and quality assurance.
• Excellent communication and stakeholder management skills.
• Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Postman, Nessus, Metasploit).
• Good communication skills and stakeholder management experience
• Ability to work independently and manage multiple tasks simultaneously.
• Strong analytical and problem-solving skills.
  Excellent communication and teamwork abilities.

Being You

Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred

If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.

---