KPMG Canada posts job for Senior Offensive Cybersecurity Consultant in Montréal

KPMG Canada posted a job preview on job aggregation sites on Feb. 21, 2026 seeking a Senior Consultant for its Offensive Cybersecurity practice in Montréal. The listing explicitly calls for an experienced offensive security professional and appeared publicly as a recruitment signal for the Montréal office.

The published requirements name penetration testing, red-team engagements and vulnerability assessments as core competencies for the Senior Offensive Cybersecurity Consultant role. The job preview frames the position within KPMG Canada’s Offensive Cybersecurity practice, indicating the hire would sit on that specialized team based in Montréal.

The posting date of Feb. 21, 2026 and the use of job aggregation sites were visible in the preview metadata, marking the opening as a current recruiting effort rather than a speculative future plan. Title and location were clear in the listing: Senior Consultant, Offensive Cybersecurity, Montréal, under the KPMG Canada banner.

Because the listing calls for experienced practitioners and uses the senior-consultant title, the role appears aimed at candidates with hands-on offensive security track records who can run penetration tests and red-team exercises on client environments. The presence of vulnerability assessments in the requirements signals continued demand for technical assessment capabilities within KPMG Canada’s Montréal practice.

The job preview is the first public trace of this specific hire; no additional KPMG Canada statements or internal posting details were included in the preview that appeared on Feb. 21, 2026. Interested candidates would have encountered the role through the job aggregation sites where the preview was posted and could proceed through KPMG Canada’s standard application channels as indicated in that listing.

This hire adds a named senior role to KPMG Canada’s Offensive Cybersecurity roster in Montréal and was made public on Feb. 21, 2026 via job aggregation sites, with explicit expectations around penetration testing, red-team engagements and vulnerability assessments.