Cyber Response is one of five pillars in KPMG’s cyber security business, the others being Strategy & Governance, Transformation, Cyber Defence (Ethical Hacking) and Education (Training).
Cyber Response pillar mainly helps clients who have experienced a cyber security incident such as ransomware, business e-mail compromise or other kinds of network intrusion. We investigate the root cause of the incident and the extent of the breach (what systems were affected and if data was exfiltrated). We also help clients to recover from the incident – help restore systems and expel intruders from the network as well as provide practical recommendations on how to prevent further incidents. The typical output of our work is a report which is used by client’s management or sent to regulators such as Singapore’s Personal Data Protection Commission (PDPC).
Other activities include preparing clients for incidents by improving the processes, writing playbooks simulating incidents through war games and providing bespoke training. You will work with an experienced team of forensic professionals, cyber incident coordinators, security professionals, attorneys, and corporate partners. As your experience grows, you will have opportunity to work in other pillars, but your first few years will be directed to become proficient in cyber response.
The role involves:
•Utilizing leading forensic software to identify, collect, preserve and analyze electronic data from laptops, desktops, servers, backup tapes, cell phones, PDAs and a wide variety of other media;
•Demonstrating proficient working knowledge in evidence handling, chain-of-custody, acquisition techniques, analysis of digital evidence, forensic lab practices and procedures;
•Support the team with managing multiple cyber-crime incidents and forensic investigations; and
•Strong background and experience in performing forensic work that requires use of various forensic tools to analyse and/or recover deleted or hidden files, complex forensic artefacts (e.g. internet history, unallocated/slack space, memory, registry, network logs, malware, etc).
The incumbent should possess:
•Experience in computer forensics and technical investigations in legal or law enforcement, government investigation agencies, or professional services firm or forensic investigation consultant preferred;
•Bachelor's degree holder preferably in Information Technology, Computer Security, or Computer Science;
•Professional certifications such as EnCase Certified Examiner (Guidance Software), AccessData Certified Examiner (ACE), SANS GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Network Forensic Analyst (GNFA) or GIAC Reverse Engineering Malware (GREM) and membership in professional associations such as High Technology Crime Investigation Association (HTCIA) preferred.
•Understanding of information security, network architecture, general database concepts, document management, hardware and software troubleshooting, email systems such as Microsoft Exchange and Lotus Notes, Microsoft Office applications, and computer forensic tools such as EnCase and FTK;
•Ability to understand programming languages such as: C#, Java, Python, Pearl, Bash scripting, PHP, etc;
•Knowledge and experience in the following operating systems: UNIX, Linux, Windows, MacOS;
•Strong team oriented work ethic with client centric focus;
•Excellent analytical and investigative skills;
•Strong communication and presentation skills including the ability to interface with other parts of the organization such as IT assurance and security and external clients; and
•Flexibility to meet the travel requirements.
Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only.
At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals