Red Team Cyber Security, Senior Associate/ Assistant Manager

Job Description

At KPMG, your long-term future is every bit as important to us as it is to you. That’s why our aim is to give you experiences that will stay with you for a lifetime. Whether it’s great training and development, working across functional sectors, mobility opportunities or corporate responsibility volunteering activities – you’ll gain a wealth of experiences on which to build a rewarding career. We’re proud of our culture – it’s one that recognises hard work, encourages new ways of thinking and embraces diversity and inclusion. We have an innovative spirit which inspires what we do and how we do it – striving to be better lies at the heart of who we are. 

KPMG Cybersecurity professionals assist clients to address their concerns around Confidentiality, Integrity, and Availability of their technology, business systems, and information assets. Using a holistic view of how Technology and Business integrate, the Cyber team performs technology-risk focused assessments, technology compliance, IT/operational process reviews, and design of information risk & cyber security solutions. 

Cyber team members regularly interact with C-Suite clients, such as Chief Executive Officer (CEO), Chief Information Security Officer (CISO), Chief Information Officer (CIO), Chief Operating Officer (COO), Chief Risk Officer (CRO) and their direct reports. Hence, a client centric mind-set, understanding of IT within a Business context, and well-developed communication skills are essential. 

The role involves:

• Identify and resolve complex issues and develop innovative solutions for high profile clients on a variety of local and international engagements

• Actively identify and support business development opportunities which includes supporting the team with sales activities such as proposal writing and client presentations

• Coach and develop team members as part of the firm’s overall Performance Management process or on specific engagements

The ideal candidate should possess:

• Minimum 4 years of consulting experience in Red Teaming/Pentesting and possesses industry recognised certifications (e.g. CISSP, OSCP, CRT, CREST, CRTP)

• Passionate and able to demonstrate strong interest in the field of cyber security, in particular technical assessments/reviews

• Experienced and well versed in security testing domains. For example, red teaming and threat intelligence, web/network/mobile/cloud/thick client vulnerability assessments and penetration testing

• Experienced and demonstrates strong understanding and capability to lead/execute red teaming engagements encompassing intel-led approach, from planning to execution of red team exercises, create/develop/implement TTPs based on profiles of specific threat actors against industry frameworks and best practices, and to exercise closure.

• Ability to lead, manage, oversee cyber multiple engagements across multi security testing disciplines independently and cohesively with the engagement team

• Able to demonstrate strong project management skills in areas such as meeting requirements, timelines, documentations, overseeing risk management aspects in a project lifecycle

• Possesses strong understanding of IT risks and its business context/impact

• Possesses excellent written and communication skills to translate and communicate with C-Suite clients, direct reports and team members

• Self-driven, possesses strong desire to learn and identify new technologies and services, and willingness to share knowledge with the team