Specialist, IT Security
KPMG in Singapore is part of a global organization of independent professional services firms providing Audit, Tax and Advisory services. We operate in 138 countries and territories with more than 276,000 partners and employees working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients.
Job Description
We are looking for a hands-on IT Security Specialist to support daily security operations, regulatory compliance, and enterprise security initiatives.
This role is critical in maintaining the firm’s security posture, ensuring timely response to security incidents, and supporting ongoing regulatory and audit requirements. The position involves close collaboration with business stakeholders, global security teams, and other technology teams.
Key Responsibilities
- Security Operations & Incident Response
Manage day-to-day security operations, including monitoring, investigation, and response to security incidents. Work closely with local and global SOC teams to ensure timely containment and resolution. - Vulnerability Management
Drive the end-to-end vulnerability management lifecycle (scanning, prioritisation, remediation tracking, and reporting) to minimise risk exposure and maintain audit visibility. - Regulatory Compliance & Audit Support
Support compliance with regulatory and industry standards (ISO 27001, MAS TRM, CSA Cyber Trust Mark). Maintain documentation, perform control testing, and ensure audit readiness. - Access Governance & Identity Management
Manage user access reviews (UAR), privileged access (PAM), and identity lifecycle processes to enforce least privilege and strong access controls. - Security Platform Management
Administer and support key security solutions such as web security gateways, DLP, endpoint protection, and data classification tools. Ensure effective policy enforcement and continuous improvement. - Incident & Data Breach Management
Lead investigation and remediation of security incidents and data breaches. Coordinate with business, legal, risk, and global teams where required. - Emerging Technology & Cloud Security
Support secure adoption of cloud services, AI tools, and enterprise platforms, ensuring alignment with security and compliance requirements.
Requirements
- Degree in Information Security, Computer Science, or a related field
- 3 - 5 years of relevant experience in IT security
- Hands-on experience in:
- Security operations and incident response
- Vulnerability management processes and tools
- Identity and access management (IAM, PAM, UAR)
- Security technologies (e.g., DLP, endpoint security, web gateways, CASB)
- Good understanding of ISO 27001 security framework
- Ability to operate in a fast-paced environment with high operational demand
- Strong stakeholder management and communication skills
- Certifications such as CompTIA Security+, CompTIA CySA+, or equivalent
⠀
Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only.
At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.