KPMG is a global network of professional services firms. Across 145 countries, 236,000 KPMG people provide Audit, Tax and Advisory services to a huge range of clients, from leading brands to public bodies, global multi-nationals and local businesses. KPMG had been working in Ukraine since 1992.
23 червня 2022

Cybersecurity senior consultant (вакансія неактивна)

Київ

KPMG Cybersecurity practice assist clients to address their concerns around security of their technology, business systems, and information assets. To join a growing team to assist clients with managing one or more of the following areas.

KPMG is a global network of independent member firms offering audit, tax and advisory services. KPMG member firms operate in 147 countries, collectively employing more than 219,000 people, serving the needs of business, governments, public-sector agencies, not-for-profits and through member firms’ audit and assurance practices, the capital markets. KPMG has been working in Ukraine since 1992, and our goal has always been to use the firm’s global intellectual potential, combined with the practical experience of our Ukrainian professionals, to help leading companies to achieve their goals. In Ukraine KPMG’s offices are in Kyiv and Lviv.

Given our strong prospects for continued growth and success, we are looking for experienced professionals to join our team and grow with us, in order to meet the needs of our expanding client base.

The role:

KPMG Cybersecurity practice assist clients to address their concerns around security of their technology, business systems, and information assets. To join a growing team to assist clients with managing one or more of the following areas:

DevSecOps — this discipline covers technologies for administering and securing software applications and infrastructure components for client projects, optimization, design, configuration and implementation of new solutions, migration and operation of IT environments into cloud

Identity & Access Management — this discipline covers defining the strategy of identity governance, access management, privileged access management, related technologies, processes, and software solutions

Security Operations — this discipline covers designing, implementing, and operating effective and efficient security monitoring and security operations functions, advising clients on the definition, delivery and execution of advanced Security Operations strategies

Security Architecture — this discipline covers defining and implementation of security architecture strategies, frameworks, and governance processes, developing secure architecture patterns/blueprints, assessing maturity of existing security architecture practices etc.

Cloud Security — this discipline covers tools and leading practices to help clients to assess, design, build, deploy, test, operate & monitor secure workloads across cloud environments

Threat Intelligence — this discipline covers building threat intelligence capabilities for our clients to help them collect, process, and analyze data about threat actor, their motives, and attack behaviors

Experience and skills required

The ideal candidate should:

— Possess Bachelor and/or Master degree in Technology, Engineering, or Business studies with Information Systems major/minor along with deep interest in technology risk, security and IT governance;
— Have strong analytical, problem solving and inter-personal skills;
— Excellent written and oral communication skills with the ability to present ideas and results to technical and non-technical audiences;
— Have a good working knowledge of information security principles, techniques and current\emerging threats, and a dedicated and self-driven desire to research and learn more in this field;
— Have a knowledge and experience with the Windows and Linux operating systems;
— Have experience with security related regulatory requirements, such as NIST, PCI/DSS, ISO 27001, NBU;
— Preferred experience using Python, PowerShell, Bash, or an equivalent language;
— Preferred security certifications (e.g., CISSP, CISM, CISA, CEH, GIAC, CREST, Offensive Security, SANS and similar).