Apply now »

Off-Cycle Internship 2026 (Jan 2026 - Jun 2026), Consulting - Cyber Defence

Function(s): Advisory

Work Type: Internship

Job Categories: Interns

Start Date for Applications: 22 Oct 2025

Closing Date for Applications:

KPMG in Singapore is part of a global organization of independent professional services firms providing Audit, Tax and Advisory services. We operate in 143 countries and territories with more than 273,000 partners and employees working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients.

Job Description

At KPMG, your long-term future is every bit as important to us as it is to you. That’s why our aim is to give you experiences that will stay with you for a lifetime. Whether it’s great training and development, working across functional sectors, mobility opportunities or corporate responsibility volunteering activities – you’ll gain a wealth of experiences on which to build a rewarding career. We’re proud of our culture – it’s one that recognises hard work, encourages new ways of thinking and embraces diversity and inclusion. We have an innovative spirit which inspires what we do and how we do it – striving to be better lies at the heart of who we are. 

Technology underpins many of the most influential organisations in the world and presents opportunities for businesses that want to seek out new markets and are prepared to invest in transformational change. The last ten years have seen a rapid emergence of new technology, greater connectivity for organisations and individuals, and a 24/7 approach to global commerce. However, this has left many organisations behind the curve and struggling to achieve their business aspirations without feeling exposed to risks. 

We believe that by turning traditional thinking on its head, adopting a positive approach to managing risk, will set organisations free to achieve their business aspirations. 

KPMG Cybersecurity professionals assist clients to address their concerns around Confidentiality, Integrity, Availability and Privacy of their technology, business systems, and information assets. Using a holistic view of how Technology and Business integrate, the Cyber team performs technology-risk focused assessments, technology compliance, IT/operational process reviews, and design of information risk & cyber security solutions. 

We are looking for candidates to join a growing team to assist clients in the following area: 

KPMG Cyber Defence, we provide comprehensive security solutions including vulnerability assessment, application and network penetration testing, wireless and mobile security, cloud security evaluation, and system security testing. Our mission is to identify blind spots in defences and offer an in-depth assessment of previously overlooked weaknesses. We specialize in red teaming to simulate real-world attacks, and purple teaming to enhance the collaboration between offensive and defensive security teams. 

As an Ethical Hacker/Penetration Tester, you will utilize the latest techniques and tools to pre-emptively test and challenge cyber security defences for our clients. You will be at the forefront of simulating advanced threat scenarios through red and purple teaming exercises, helping our clients redesign their defences to be more resilient against actual cyber-attacks. 

⠀

The role involves: 

Conduct comprehensive vulnerability assessments and penetration tests across diverse platforms, including  web and mobile applications, networks, wireless systems, cloud environments 
Engage in purple and red teaming exercises to rigorously test client defences and provide actionable insights into security posture enhancements. 
Develop detailed technical reports outlining findings, vulnerabilities, and recommended mitigations. 
Present findings and technical recommendations to senior management and clients in a clear and concise manner. 
Continually research and stay up to date with the latest cybersecurity trends, tools, and techniques.

The ideal candidate should possess: 

Degree in Cybersecurity / Information Security; OR
Degree in Engineering with relevant skills / experience / aptitude to further development in the field of cybersecurity; OR
Degree in Computer Science / IT with relevant skills / experience / aptitude to further development in the field of cybersecurity
Familiarity with multiple operating systems, including Windows, Linux, and macOS, and their related security mechanisms. 
Familiarity with scripting and programming languages such as Python, JavaScript, Bash, or PowerShell. 
Understanding of web protocols such as HTTP, HTTPS, and SSL/TLS, and how to secure web applications. Knowledge of common vulnerabilities and exploitation techniques, such as those listed in the OWASP Top Ten. 
Exposure to cloud computing environments like AWS, Azure, or Google Cloud, and a basic understanding of cloud security best practices. 
Basic proficiency in penetration testing tools such as Nmap, Metasploit, Burp Suite, Wireshark, and familiarity with Kali Linux. 
Understanding of large language models (LLMs) and their applications in cybersecurity. 
Certifications such as Offensive Security Certified Professional (OSCP), CREST Registered Penetration Tester (CRT), Certified Penetration Testing Specialist (CPTS), and Certified Bug Bounty Hunter (CBBH) / Certified Web Exploitation Specialist (CWES) are highly desirable. Candidates currently planning to pursue these certifications are encouraged to apply. 
Strong analytical and problem-solving abilities. 
Excellent communication skills with the capability to relay complex technical information clearly. 
Eagerness to learn and adapt to new technologies and methodologies. 
A proactive approach to identifying and addressing security challenges. 
Keen interest in staying up-to-date on the latest cybersecurity trends and emerging threats.

#LI-AP1

Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only. At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.

Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only.

At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.

Apply now »