KPMG in Romania is one of the world’s leading providers of Audit, Tax and Advisory services. At KPMG we run our firm just as effectively as we support and strengthen our clients’ businesses. That means hiring talented people to help develop and manage our brand, publish our thought leadership, control our finances, run our IT infrastructure, and support our professionals in the field.
KPMG in Romania offers great opportunities to build a successful career.
When you choose KPMG as the place to build your career, you choose to inspire confidence and empower the change around you.
KPMG ’s vision is to recruit extraordinary people and build extraordinary professionals.
We are looking for a highly skilled and creative Red Team Operator to join our cybersecurity team. This role involves simulating advanced adversarial threats to uncover vulnerabilities across digital, physical, and human attack surfaces. You will emulate real-world threat actors, including nation-state and cybercrime groups, to test and improve the resilience of our clients' security posture.
Key Responsibilities
- Plan and execute full-scope red team campaigns, including digital, physical, and social engineering components.
- Simulate sophisticated cyber-attacks using stealthy tactics, techniques, and procedures (TTPs) aligned with MITRE ATT&CK and TIBER-EU frameworks
- Develop and deploy custom implants, backdoors, and payloads that evade detection
- Conduct threat emulation exercises including ransomware scenarios, lateral movement, and privilege escalation
- Maintain detailed audit trails and operational logs for all activities.
- Collaborate with Blue Teams to validate detection and response capabilities.
- Deliver comprehensive reports and executive summaries for stakeholders and audit committees
- Stay current with emerging threats, zero-days, and offensive security tools.
Required Qualifications:
- Minimum 3 years of experience in Red Teaming, penetration testing, or offensive security.
- Certifications such as OSCP, OSCE, CRTP, GPEN, GXPN or similar
- Proficiency with tools like Cobalt Strike, Metasploit, Empire, and custom scripts.
- Strong understanding of Windows and Linux internals, Active Directory, and cloud environments.
- Experience with threat modeling and scenario development.
- Excellent written and verbal communication skills in English.
Preferred Experience:
- Participation in TIBER-EU or similar regulatory red team exercises
- Familiarity with secure infrastructure deployment and non-attributable operations.
- Experience in physical security assessments and social engineering campaigns.
- Ability to develop custom tooling and automation for offensive operations
What’s in it for you? What do we offer?
- Access to cutting-edge red team infrastructure and global expertise
- Opportunities to work on high-impact engagements across banking, telecom, and critical infrastructure.
- Continuous learning and certification support - The possibility to fulfill your potential through various training courses and gain additional professional qualifications.
- Career advancement opportunities.
- Flexible workplace and work environment.
Working at KPMG is also about happy people and an internal culture that supports employees in following their passions through various activities and events. We also have numerous benefits to support your health, a flexible working schedule and many more advantages
Confidentiality
Confidentiality will be ensured to protect the interests of applicants.
Only preselected candidates will be invited to an interview.
#LI-Hybrid