Progression at pace. Innovation, led by constant learning. Work that excites you with every twist and turn. It all starts at KPMG Curve. Here, you’ll progress your career as part of a connected team, while being encouraged to be your true, authentic self.

At KPMG Curve, we offer career paths that can accelerate top performers, without having to go into management. You can stay technically-focused and carry on improving in your favourite tech field. You won’t be responsible for any sales work, either.

Other benefits include a learning allowance (so you can control your own growth) and paid overtime – prioritising the things that matter most to you. We take our work-life balance seriously, and will make sure you get time back if you’ve been working on anything heavy. At the end of the day, your well-being is what matters most.

What will you be doing?

• HACKING!
• Learning and developing penetration testing skills in: Infrastructure, Application (web, mobile, desktop), Cloud and AI. Working through a clear and defined certification pathway.
• Delivering penetration tests to some of our most prestigious clients through well established frameworks.
• Collaborating with senior testers to identify vulnerabilities and simulate real-world attack scenarios.
• Documenting findings in clear, actionable reports to help clients enhance their posture.
• Staying up-to-date with the latest treds, tooling, techniques to continuously improve testing approaches.

Service Delivery Security Manager

Team

The Service Delivery Security Manager role is in the KPMG UK Information Security function and reports directly to the Security Production Assurance & Compliance Lead.  This role is critical in the provision and delivery of secure, innovative, technology-enabled services and solutions for KPMG and our clients.  The role is vital to KPMG’s ability to demonstrate that we are delivering ‘secure by design’ services and solutions such that our business stakeholders, our clients and our regulators trust KPMG.

Role

The primary purpose of the role is to enable harmonious delivery of Security Services, by ensuring strong collaboration with the external Service Providers and entire range of KPMG business functions.  There are 3 main areas of focus:

• Manage the security services relationship to protect the delivery of the end to service services that involve all KPMG UK Technology services, or third-party suppliers.
• Provide governance for infrastructure security services
• Provide an overview of the complete set of services provided by all KPMG UK Technology services, or third-party suppliers and troubleshoot any issues and escalate as appropriate.

Key responsibilities are:

• Work closely with the Service Owners who are accountable for the end-to-end services, understand their roadmap for the service and the day-to-day operational requirements

• Maintain and lead the process to manage the Governance of these services
• Ensure firm standards and guidelines are followed, and contractual or operational commitments are delivered
• Review and govern the Service Provider Quality, Improvement Plans, Issues and Operational Risks, engaging the Security Production Assurance & Compliance Lead as required
• Raise and build consensus around issues or escalations and enable timely resolution.
• Govern Service Provider Knowledge Management, Knowledge Transfer, Reporting, Documentation and other engagement practices to ensure ongoing operational excellence
• Review Service Provider capacity plan to ensure it has enough capacity to meet the required demand and is in line with the Service Owner’s roadmaps
• Consolidate and provide reports on the delivery of Security services and initiatives across the relevant KPMG capabilities
• Ensure any planned changes across Technology or Service Provider are co-ordinated to ensure there is minimum disruption to Information Security services.
• Communicate major changes or enhancements in Information Security to Service Provider/ Business function and vice-versa
• Act as a single point of contact for general queries or issues flowing to and from the Security Function to the delivery teams
• Work closely with the Service Delivery Managers and Service Owners to ensure everyone has a clear view of the remediations and expectations
• Work closely with the Security Production Assurance & Compliance Lead to implement the operational security activities, processes and standards as determined by them.
• Build long-term stakeholder relationships including negotiating service levels, and defining project scope.
• Monitor, review and drive compliance to security policies, guideline and standards (as defined by KPMG) using compliance reports supplied by the Supplier and internal teams. You will escalate issues to the Security Production Assurance & Compliance Lead where necessary
• Use your experience to propose changes to existing policies and procedures based on feedback from Internal and Supplier Service Operations teams to Security Production Assurance & Compliance Lead to drive operating efficiency and compliance
• You will support incident and problem management teams in prioritisation o

Role summary

The GSOC (Global Security Operations Center) Operations Manager is accountable for the daily running of the Security Monitoring and Response (SMR) service within GSOC. In addition, the role has management responsibilities for Levels 1, 2 and 3 teams. This role will be on the rota for the cyber commander and be the central point of contact point for the service and member firms. As such, the GSOC Operations Manager is responsible for timely response to incidents and Managing KPI's for the services it is responsible for

Do you want to make a difference to KPMG’s biggest and most important opportunities? As part of our Advisory Sales Enablement team[EM1] , you’ll be supporting teams across KPMG through the end-to-end process of winning work. We help with everything from identifying client issues and positioning KPMG through to producing exciting proposal documents and compelling pitches. You’ll be working with the most senior and influential stakeholders from across the firm on a daily basis. Building relationships, networking and growing your knowledge at the same time. We come together as a team to sell the newest, most innovative tools and solutions to the biggest organisations in the world. Our work gives KPMG the edge to win in a competitive, crowded market.

Assistant Manager

Job title: Senior Penetration Tester – Assistant Manager
Location: UK
Line of Business: Advisory - Risk Consulting Service Area: Cyber Security 
Roles and Responsibilities

The Role
At KPMG we are looking for an Assistant Manager who lives and breathes hacking and information security. You will have earned your stripes doing CHECK work in data centres and be ready to, or already skilled in leading teams of talented testers. 
In return we will provide some of the UK’s most unique government and commercial engagements for you to cut your teeth on and a friendly, passionate team to develop and grow.

The Team
The KPMG’s Cyber Defence (CDS) Team conducts client facing technical assurance and penetration testing and has a long and successful history in KPMG. Our clients are diverse and we cover many sectors with particular specialisms in Financial Services, High-end Defence Assurance and Telecommunications. We work closely with the NCSC developing new schemes such as Cross Domain Solutions Testing (https://www.ncsc.gov.uk/blog-post/ncsc-cross-domain-industry-pilot-stage-2) and are members of all current NCSC and CREST testing schemes - as a result we conduct interesting and challenging work that isn’t on offer elsewhere. 
Our team is made up of skilled individuals at different stages in their careers, centred around three locations in Leeds, Bristol and London, therefore we are able to offer flexibility in base location, as well as embracing remote working.