Roles are available at consultant and management level. In this role we are looking for a person who can demonstrate strong technical background, experience in incident response and digital forensics and is looking to grow skills and experience regardless of whether you come in as at consultant or management. You will be expected to lead one or two analysts to achieve a task in a project, as well as have the opportunity to work with, and learn from, our most experienced team members as part of your continuous development. Management level roles will have additional responsibilities. The successful candidates is expected to manage and investigate a broad range of cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s incident response processes and methodologies. Consultant level roles will have opportunities to grow into management level, and management level roles will present opportunities to grow into senior leadership.
We help out clients protect, detect and respond to high end cyber threats; helping them understand the cyber threat landscape, make sensible decisions on investment priorities, and build out the specialist capabilities they need to counter financial crime and other threats.
We believe that cyber security is about helping our clients to harness business opportunities safely and securely. For us, cyber security isn’t just a technical issue, it is one which engages the whole business and focusses on a holistic approach to understanding and mitigating the risk.
Our team works closely with KPMG’s broader advisory practice to link cyber security to financial crime/fraud and risk management, operational resilience and IT transformation.
You will be a Security Architect within the Cyber team helping both grow our business and deliver high quality advice to clients.
You should expect to be involved in a wide range of challenging engagements helping our clients to understand how to harness digital opportunities in a safe and secure manner. As a Security Architect you will be advising clients on managing security risks in cloud environments; assessing and advising on security architectures; delivering automation of security controls and risk reporting; implementing and integrating security into digital customer journeys.
Our clients are under regulatory scrutiny, but are also continually battling to match a rapidly changing cyber threat landscape while harnessing the opportunities offered by digital services. We expect you to understand the world of our clients, the complexities of modern technologies, and to be able to translate complex cyber security issues into straightforward, credible, jargon free advice to our clients; while making sure we can deliver the support they require.
If you are able to help our clients seize the opportunity offered by the digital world, and do so in a secure way, then you are the type of person we are looking for.
Management and delivery of client engagements to ensure delivery, quality and value to our clients by:
- Understanding their business challenges and the threats they face
- Helping them navigate the increasingly complex cyber security regulatory environment
- Advising on digital and technical aspects of cyber security governance, frameworks and operating models
- Helping them optimise their approach to digital and technical cyber security controls and risk management
- Using security architecture in defining security transformation
- Linking cyber security to other consultancy offerings on risk management, resilience and IT transformation to provide holistic support to our clients
- Managing and delivering small-/medium-sized engagements
- Being a trusted engagement manager and a role model for quality and risk management practices
- Developing an understanding of KPMG’s broader offerings to enable identification of business opportunities
- Assisting with sales and business development activities
- Developing constructive client relationships, both inside and outside of KPMG
- Coaching and developing team members through sharing of experience and knowledge, as well as managing the performance and development of other team members
- Building out and maintaining a professional network
- Upholding KPMG’s values by acting with integrity
Track record within either the financial services or the corporates community showing an understanding of the business, threat and regulatory issues faced by clients (essential)
- Proven experience of understanding and managing aspects of cyber risk, including the assessment, analysis and reporting of cyber risk in a business context (essential)
- Proven knowledge and experience of delivering one of more of the following areas: security architecture (enterprise architecture, infrastructure or application architecture), cloud security (assessments, privacy and regulatory risks, security frameworks and controls), DevSecOps (essential)
- Proven experience of delivering security in one or more of the following cloud service provider environments: Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform, Oracle Cloud (essential)
- Proven experience in defining and/or implementing security controls across multiple layers of the IT architecture stack (essential)
- Proven experience of successfully managing cyber security services in a commercial environment, ensuring the delivery of high quality work on time and to budget
- Proven ability to lead work at sustained levels of high intensity, and inspire drive and resilience in others
- Proven ability to analyse problems, identify core issues and recommend appropriate solutions
- Proven ability in taking appropriate action after monitoring/reviewing the progress and performance of others
Qualifications and Skills:
- Degree level qualified
- Recognised cyber security qualifications (e.g. CISSP, CISM, M. Inst IISP, etc.), or comparable experience
- Recognised architecture qualifications (e.g. SABSA, TOGAF, etc.) (preferable)
- Cloud certifications
- Excellent communication skills (both written and oral), negotiation and project management skills
- Strong networking skills and a broad professional network
- Ability to interact with organisations at a senior levels