KPMG is a global network of professional firms providing Audit, Tax and Advisory services.
We operate in 143 countries and territories, and in FY22, collectively employed more than 265,000 people working in member firms around the world. KPMG is the brand under which the member firms of KPMG International Limited (“KPMG International”) operate and provide professional services. “KPMG” is used to refer to individual member firms within the KPMG organization or to one or more member firms collectively.
KPMG is committed to three key imperatives: quality of services, insight into the problems of our clients, and integrity in our business. It is these principles that drive our firms’ professionals to provide audit, tax, and advisory services that reflect global consistency and unwavering integrity. We will build and sustain our reputation as the best firm to work with by ensuring that our people, our clients and our communities achieve their full potential.
The candidate will be a subject matter expert, coordinate the team and responsible for:
— Performing cyber response, threat intelligence, monitoring and detection activities as part of the client’s engagements
— Building SOC’s from scratch or providing recommendations for improving the existing ones
— Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them
— Provide expert analysis investigative support of large scale and complex security incidents
— Support development of both technical and organizational solutions to address client’s issues
— Combine technical and conceptual knowledge to generate valuable reports
— Train and mentor junior staff on the cyber response matters
— Work in a committed team focused on all aspects of cyber incident response, identifying security vulnerabilities, network forensics, penetration testing, malware analysis and reverse engineering
Experience and skills required
The ideal candidate should:
— Possess Bachelor and/or Master degree in Technology, Engineering, or Business studies with Information Systems major/minor along with deep interest in technology risk, security and IT governance
— Have strong research, analytical, organizational, problem solving and inter-personal skills
— Excellent written and oral communication skills with the ability to present ideas and results to technical and non-technical audiences
— English — Intermediate (B1) and higher and/or a strong desire to improve English skills in a short time
— Strong IT and network skills — knowledge of common enterprise technologies — Windows and Windows Active Directory, Linux, Cisco, cloud solutions etc.
— Have a good working knowledge of information security principles, techniques and current\emerging threats, and a dedicated and self-driven desire to research and learn more in this field
— Strong understanding of security operations technologies including SIEM, EDR, SOAR/IRP, IDS/IPS, TIP etc.
— Ability to develop relevant alerting, countermeasures, and threat hunting techniques
— Have experience with security related regulatory requirements, such as NIST, PCI/DSS, ISO 27001, NBU
— Preferred experience using Python, PowerShell, Bash, or an equivalent language
— Preferred security certifications (e.g., GIAC\SANS, CREST, Offensive Security, CEH, Mile2 and similar)