KPMG’s Cyber Security professionals assist clients to address their concerns around Confidentiality, Integrity, Availability and Privacy of their technology, business systems, and information assets. Using a holistic view of how Technology and Business integrate, our Cyber Security team performs technology-risk focused assessments, maturity assessments, technology compliance, IT/operational process reviews, and design and implementation of information risk & security solutions.

Successful candidates will get to rotate across the three Cyber Security disciplines before specializing in:

1. Technology Risk and Outsourcing Governance 

This discipline covers IT-Business related consulting over how an organisation manages technology risk and governs its outsourcing. This involves review, re-design and implementation controls over the organisation`s IT environment. Topics include system development, project management, business or IT outsourcing, business continuity management, information security, incident management, user access management.

2. Cybersecurity 

This discipline covers designing and implementing Cybersecurity strategy and frameworks; Cyber maturity assessments; organisational design for Information Security; design and rollout of information security processes such as Incident Management, Intrusion Detection, and Security Monitoring; Data Governance and classification; Data Privacy; Software Asset Management and conducting Cyber resiliency exercises

3. Ethical Hacking 

This discipline covers vulnerability assessment, application and network penetration testing, wireless security, mobile security, and system security testing.

Cyber Security team members regularly interact with C-Suite clients, such as Chief Executive Officer (CEO), Chief Information Officer (CIO), Chief Operating Officer (COO), Chief Risk Officer (CRO) and their direct reports. Hence, a client centric mind-set, understanding of IT within a Business context, and well-developed communication skills are desirable.

The ideal candidate should:

  • have a degree in technology, engineering, or business studies with information systems major/minor along with deep interest in technology risk, security and IT governance will be considered.
  • be client-centric with good communication skills.
  • be able to work as part of a team, and at the same time being an independent self-starter.
  • be driven to learn new things and share knowledge with your clients and colleagues.
  • be flexible working style to work in a dynamic environment.
  • have work experience such as internships, leadership positions in clubs, associations, or part-time jobs.