Consulting, Cyber Response, Graduate Associate 2026

Job Description

At KPMG, your long-term future is every bit as important to us as it is to you. That’s why our aim is to give you experiences that will stay with you for a lifetime. Whether it’s great training and development, working across functional sectors, mobility opportunities or corporate responsibility volunteering activities – you’ll gain a wealth of experiences on which to build a rewarding career. We’re proud of our culture – it’s one that recognises hard work, encourages new ways of thinking and embraces diversity and inclusion. We have an innovative spirit which inspires what we do and how we do it – striving to be better lies at the heart of who we are.  

Technology underpins many of the most influential organisations in the world and presents opportunities for businesses that want to seek out new markets and are prepared to invest in transformational change. The last ten years have seen a rapid emergence of new technology, greater connectivity for organisations and individuals, and a 24/7 approach to global commerce. However, this has left many organisations behind the curve and struggling to achieve their business aspirations without feeling exposed to risks.  

We believe that by turning traditional thinking on its head, adopting a positive approach to managing risk, will set organisations free to achieve their business aspirations.  

KPMG Cybersecurity professionals assist clients to address their concerns around Confidentiality, Integrity, Availability and Privacy of their technology, business systems, and information assets. Using a holistic view of how Technology and Business integrate, the Cyber team performs technology-risk focused assessments, technology compliance, IT/operational process reviews, and design of information risk & cyber security solutions.  

KPMG Cyber Response professionals work at the forefront of major cyber-attacks, supporting our clients as the “First Responders” to cyber security incidents and any major cyber emergency. Cyber Response helps clients who have experienced a cyber security incident or is suspecting an ongoing cyber-attack such as ransomware, business e-mail compromise, data-breach, security incidents in cloud, unauthorised access to IT resources or other kinds of network intrusion. We investigate the root cause of the incident and the extent of the breach, like data exfiltration, compromised accounts, identifying impacted hosts and servers, active threats and malicious files in the environment. We help clients with containment and remediation for effective and timely recovery from the incident and the restoration of the systems, expel intruders from the network, as well as provide practical recommendations on how to prevent further incidents.  

We are looking for candidates to join a growing team to assist clients in the following area:  

KPMG Cyber Response professionals work at the forefront of major cyber-attacks, supporting our clients as the “First Responders” to cyber security incidents and any major cyber emergency. Cyber Response helps clients who have experienced a cyber security incident or is suspecting an ongoing cyber-attack such as ransomware, business e-mail compromise, data-breach, security incidents in cloud, unauthorised access to IT resources or other kinds of network intrusion. We investigate the root cause of the incident and the extent of the breach, like data exfiltration, compromised accounts, identifying impacted hosts and servers, active threats and malicious files in the environment. We help clients with containment and remediation for effective and timely recovery from the incident and the restoration of the systems, expel intruders from the network, as well as provide practical recommendations on how to prevent further incidents.  

⠀

KPMG Cyber Response also helps client with non-emergency engagements involving Compromise Assessment (CA) and Threat Hunting (TH). Such engagement helps detect threat and/or possible compromise during early stages of cyber-attack before disrupting major business operations. To support clients in enhancing their IR capabilities and security posture, KPMG also supports with other engagements like Table-Top Exercise (TTX), IR Training, Playbook development and Incident Response (IR) plan review.  

The role involves: 

• The security professional will work closely with KPMG cyber security subject matter experts to design, implement, test and support solutions for KPMG’s clients. 
• The security professional will work closely with KPMG engagement managers to assist in log analysis, review of endpoint data to identify anomalies, indicators of compromise (IOCs), malicious files, and threat actor to determine the root cause and incident impact. 
• Support in containment and eradication efforts. 
• Assist with documenting findings and contribute to IR update calls. 
• Collaborate with other cyber teams to deliver end-to-end incident response and recovery which may include supporting the delivery of Cyber OT/IoT security services like risk assessment, VAPT, OT cybersecurity audit and cybersecurity maturity assessment. 
• Work closely with senior team members to assist with preparation of playbooks, TTX materials and business proposals. 

The ideal candidate should possess:  

• Degree in Cybersecurity / Information Security; OR
• Degree in Engineering with relevant skills / experience / aptitude to further development in the field of cybersecurity; OR
• Degree in Computer Science / IT with relevant skills / experience / aptitude to further development in the field of cybersecurity
• The ideal candidate should understand core cybersecurity principles, including threat vectors, vulnerabilities, and basic defence mechanisms. 
• Awareness of standards and frameworks such as NIST, ISO 27001 and SANS PICERL model. 
• Familiarity with Windows artifacts, endpoint logs, network device logs, experience in forensic Triage is preferred but not mandatory. 
• Familiarity with the incident response lifecycle and ability to support containment and recovery efforts. 
• Ability to contribute to incident reports, playbooks, TTX reports. 
• Programming skills is preferred. 
• Strong understanding of Operating Systems – Windows, Linux, Mac and cloud environments (Azure, AWS and Google) is preferred. 
• Entry level certifications such as CompTIA Security+, CHFI, CEH or mid-level certifications from GIAC is desirable but not mandatory.  

Soft Skills  

• Strong problem-solving skills with the ability to break down complex issues into smaller components. 
• Ability to work as a part of larger team and independently. 
• Clear verbal and written communication skills, especially while documenting findings or interacting with clients and team members. 
• Demonstrates integrity, accountability, and a client-focused mindset. 
• Eagerness to learn and grow in the cybersecurity domain through continuous learning, keen interest in research in evolving technologies and sharing across the larger team. 

#LI-BC1