KPMG firms operate in 144 countries and territories, and in FY21, collectively employed more than 236,000 people, serving the needs of business, governments, public-sector agencies, not-for-profits and, through KPMG firms’ audit and assurance practices, the capital markets. KPMG is committed to quality and service excellence in all that we do, bringing our best to clients and earning the public’s trust through our actions and behaviors both professionally and personally.
The candidate will be a subject matter expert, coordinate the team and be responsible for:
— Performing cyber response, threat intelligence, monitoring and detection activities as part of client engagements
— Building SOCs from scratch or providing recommendations for improving existing ones
— Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them
— Providing expert analysis and investigative support for large-scale and complex security incidents
— Supporting development of both technical and organizational solutions to address clients’ issues
— Combining technical and conceptual knowledge to generate valuable reports
— Training and mentoring junior staff on cyber response matters
— Working in a committed team focused on all aspects of cyber incident response, identifying security vulnerabilities, network forensics, penetration testing, malware analysis and reverse engineering
Experience and skills required
The ideal candidate should:
— Possess a Bachelor's and/or Master's degree in Technology, Engineering, or Business studies with an Information Systems major/minor, along with a deep interest in technology risk, security and IT governance
— Have strong research, analytical, organizational, problem solving and inter-personal skills
— Have excellent written and oral communication skills, with the ability to present ideas and results to technical and non-technical audiences
— Have English at Intermediate (B1) level and higher and/or a strong desire to improve English skills in a short time
— Have strong IT and network skills, with knowledge of common enterprise technologies: Windows and Windows Active Directory, Linux, Cisco, cloud solutions, etc.
— Have a good working knowledge of information security principles, techniques and current/emerging threats, and a dedicated and self-driven desire to research and learn more in this field
— Have a strong understanding of security operations technologies including SIEM, EDR, SOAR/IRP, IDS/IPS, TIP, etc.
— Be able to develop relevant alerting, countermeasures, and threat hunting techniques
— Have experience with security-related regulatory requirements, such as NIST, PCI/DSS, ISO 27001, NBU
— Preferably have experience using Python, PowerShell, Bash, or an equivalent language
— Preferably hold security certifications (e.g., GIAC/SANS, CREST, Offensive Security, CEH, Mile2 and similar)