A career with KPMG is more than just a job. It opens the door to bigger opportunities, experiences and rewards. So step up to a bigger world with us.
If you're a qualified individual with the talent and ambition we want, KPMG has the career opportunities you deserve. Join us to leverage our global presence as one of the leading professional services firms, as well as our established reputation for enabling clients not only to adapt in a radically changing world, but to flourish in it.
KPMG in Singapore is part of a global network of professional services firms providing Audit, Tax and Advisory services. With over 219,000 outstanding professionals in the network working together to deliver value in 147 countries and territories, we offer a globally-consistent standard of service based on professional capabilities, industry insight and local knowledge. In the ASEAN region, KPMG member firms operate across all 10 countries.
Our industry focus helps KPMG firms’ professionals develop a rich understanding of clients' businesses and the insight, skills and resources required to address industry-specific issues and opportunities.
Job no: 504840
Work type: Permanent
Cyber Response is one of five pillars in KPMG’s cyber security business, the others being Strategy & Governance, Transformation, Cyber Defence (Ethical Hacking) and Education (Training).
Cyber Response pillar mainly helps clients who have experienced a cyber security incident such as ransomware, business e-mail compromise or other kinds of network intrusion. We investigate the root cause of the incident and the extent of the breach (what systems were affected and if data was exfiltrated). We also help clients to recover from the incident – help restore systems and expel intruders from the network as well as provide practical recommendations on how to prevent further incidents. The typical output of our work is a report which is used by client’s management or sent to regulators such as Singapore’s Personal Data Protection Commission (PDPC).
Other activities include preparing clients for incidents by improving the processes, writing playbooks simulating incidents through war games and providing bespoke training. You will work with an experienced team of forensic professionals, cyber incident coordinators, security professionals, attorneys, and corporate partners. As your experience grows, you will have opportunity to work in other pillars, but your first few years will be directed to become proficient in cyber response.
This role involves:
Day to day, you will be working in project teams, independent, but supervised by more experienced colleagues – Managers, and Associate Directors. You will also supervise and advise more junior colleagues on their day to day tasks. Your tasks could include computer imaging, log file analysis, investigating computer artefacts, analysis of malware, briefing your colleagues and clients, and writing parts of reports.
When incidents occur and clients request our help cannot be predicted, you will have to be flexible to accommodate the need to work out of office hours. We will always be mindful of your personal and family needs. Through KPMG’s “Take Charge” program, we provide you with the flexibility to set your working hours.
What are we looking for:
- 3-4 years of experience in a technology related field of which two years should be spent in a technical role in cyber security with experience in incident response and digital forensics.
- Good understanding of networking, how Internet works, computers and basic familiarity with any big cloud providers such as Azure, Amazon Web Services or Google Compute Platform, and, of course, Cyber Security.
- Good understanding of Microsoft Windows and Linux operating systems (OS). You should be able to understand the OS permission and security model, install and OS, apply configuration from a guide, add/remove users and review system security logs against a checklist.
- Good understanding of digital forensics and experience (or hands-on training) applying these skills.
- Computer troubleshooting skills – ability to troubleshoot using common network and system tools.
- Comfortable with command line especially on Linux and able to write simple scripts that use a loop to iterate over files.
- Ability to program in any popular language and troubleshoot programs. Most of bespoke cyber security tools in KPMG are written in Python. If you have previous experience programming in other languages, you should be able to translate the concepts after a brief training time. The expected programming proficiency is – ability to read a log file line by line, parse it into fields using regular expression, enrich data by issuing requests to a web API and write to a file the result.
- Time management. It is not uncommon to work on 2-3 projects at the same time. You should be able to understand priorities, be confident enough to clarify the priorities from senior team members and raise concerns if these are not achievable.
- Presentation skills. You should be comfortable presenting your conclusions to your colleagues and answer questions. KPMG will provide presentation skills to improve.
- Ability to write in plain English. Most projects end with a report presented to the client; you will be expected to write sections of the report on the areas you have worked on in plain (business) English.
- Hunger for knowledge. Cyber security is a rapidly expanding knowledge. You will have to continuously learn both on the job and on your own.
- Leading self. You should be able to work by yourself towards your mid-term and long-term career goals. Your senior peers will provide coaching and mentoring.
Only shortlisted candidates will be contacted by KPMG Talent Acquisition team and personal data collected will be used for recruitment purposes.
Advertised: 16 Nov 2020 Singapore Standard Time
Applications close: 31 Jan 2021 Singapore Standard Time
Back to search results Apply now Refer a friend
Powered by PageUp
We will email you new jobs that match this search.
Ok, we will send you jobs like this.
The email address was invalid, please check for errors.
You must agree to the privacy statement