I'm looking for

The Team

Joining the growing Cloud Engineering team in our Technology & Engineering Division, the DevOps Engineer is responsible for development operations, server and user administration, and code deployment for KPMG’s back end cloud applications and products. The DevOps Engineer will develop infrastructure as code and templates for new cloud-based environments, respond to DevOps and Cloud tickets, oversee deployment and configuration tools, manage cloud resources, manage users, manage access to environments, etc. The DevOps engineer will work on public clouds: AWS and Azure platforms.


The Role
• Build and Administer instances and services in the public cloud for Development, QA, and Production environments.
• Script, test and deploy new versions of environments and target infrastructures.
• Support development and QA across various projects to satisfy their day to day needs.
• Study and implement new tools for increased productivity, security, reliability and performance.
• Develop tools and services useful in DevOps environments such as performance monitoring, security monitoring, deployment/configuration, continuous integration/build servers and cloud resource creation scripts.
• Create documentation of current and newly implemented environments with associated troubleshooting steps.


The Person

• Windows configuration, management and administration (IIS).
• Linux configuration, management and administration.
• Familiarity with Amazon cloud solutions and architectures (EC2, S3, Cloud Formation, RDS, CloudWatch, SES, SQS, ). Hands-on experience highly desired.
• Familiarity with Azure Cloud Solutions and architectures (Windows VM’s, Web Apps, SQL Database, Document Store, BI stack, Virtual Network, Azure AD).
• Understanding of network protocols throughout the 3-7 OSI layers.
• Continuous integration and source control (TeamCity/Bamboo/Jenkins, Git/Stash).
• Basic software development skills/experience. Scripting experience a bonus.
• Security concepts, protocols and configuration (authentication, authorization, encryption, PKI).
• A strong technical foundation in enabling agile build, release and environment management.
• Comfortable with high level architecture and hands on delivery.
Nice-to-haves
• User or administrator experience with any/all of Atlassian stack (Jira, Confluence, Stash, Bamboo), Ansible, TeamCity, Octopus Deploy, New Relic, TrendMicro.
• AWS certified DevOps and/or Architect.

Qualifications and Skills

• Strong and demonstrated team working experience.
• Comfortable with frequent, incremental code testing and deployment.
• Strong educational background with a degree preferably in Computer Science or related.

The Role

We are looking for a competent and experienced Manager specialising in Identity & Access Management (IAM) who will be responsible for developing and delivering complex and innovative solutions whilst reducing reputational, operational, financial and other risks for our clients.. IAM is a part of the Risk Consulting Practice in KPMG, one of the key areas identified for major investment and growth. KPMG is growing its IAM service line and has recently acquired Silicon Valley-based Cyberinc, which provides cyber security solutions globally. This will enhance KPMG’s existing capabilities as a leader in information security consulting services and expand the firm’s ability to provide clients with newer and more agile IAM solutions. This bolsters KPMG’s talent and offerings in the rapidly growing area of digital consumer identity and privileged user management.
Our clients need to deal effectively with technology related risks and derive maximum value from their investment in security systems and technology. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their IT assets to its full potential. The individual selected for this role will be responsible for driving the next phase of growth for our IAM Service Line.

Key Accountabilities

• Experienced in developing identity management strategy, solution architecture and implementation roadmaps that include identity and privileged access management, RBAC, provisioning, certification, entitlement management and policy management.
Practical knowledge and experience in Privileged Access Management is essential.
Practical knowledge and experience in Customer Identity and Access management is essential.
Strong design and implementation experience of at least one of the following vendor technologies like CyberArk, SailPoint or BeyondTrust is essential.
• Proven years of strong IAM advisory, design and implementation oversight experience on large, complex projects (e.g; FTSE 100 clients)
• Actively identifying and progressing business development opportunities, as well as managing sales activities such as proposal development, writing and assisting with client presentations.
Capability to identify technical risks, articulate the associated IT costs and business impacts, and propose options for resolution
• Able to initiate, develop and challenge thought leadership in in all areas of identity management.
• Recognised in the industry as a specialist in the IAM space, with a good understanding of disruptive trends, evolution of IAM solutions backed by knowledge of the business value of IAM.
• Good understanding of Digital Transformation initiatives, GDPR and other regulation that impacts and drives the adoption of IAM controls.
• Knowledge of Customer Identity Management solutions with proven experience in either delivering and developing business case, strategy and roadmaps.
• Ability to develop constructive client relationships, both inside and outside of KPMG.
• Understanding of managed services delivery models for the delivery of Identity Management services.
• Experience in Role modelling, Risk based Authentication, Identity Federation and Data Access Governance.

The Person

• Excellent business and technical stakeholder engagement skills within the IAM project setting is required.
• Experience with Project Management duties (project planning, resource management, scope, schedule and status, documentation).
• Continuous development of self and team, including managing client feedback.
• Monitoring quality of service and products to clients and carrying out improvement or development as necessary.
• Management of SailPoint discovery, onboarding and go live
• Detailed understanding of SailPoint and access management functionalities.
• Good understanding of CyberArk and other similar privileged management tools.
• Strong ability to interact with Tech Operations and CISO teams in a client facing roles and to explain technical concepts in an easy to understand manner
• Good ability to manage technical resources.

Qualifications & Skills:

• Bachelor's Degree in a relevant field (e.g. Computer Engineering, Computer Science, Information Security) or in a STEM major (Science, Technology, Engineering, or Math).
• Recognised information protection qualifications (e.g. CISSP, CISSP-ISSAP, CISM, GIAC) desirable.
• Experience using Project Management tools like MS Project desirable.
• Excellent communication and presentation skills (both written and oral)
• Excellent negotiation skills.
• Demonstrated ability in strong verbal and written communication skills to interface with both technical and non-technical stakeholders, including the ability to confidently lead software presentations.
• Highly organised with ability to prioritise workload to incorporate changing priorities.
• Delivering quality and striving for continual improvement.
• Strong planning, organising and decision making skills.

The Role
You will play a leading role within the Cyber Defence Services (CDS) team, helping drive the development of the business and taking responsibility for the oversight and delivery of some of our most demanding penetration testing and red team engagements. As a Senior Manager you will help raise the profile of the team, play a key part in making sure that we develop new CDS service offerings and help coach and mentor team members.

Responsibilities
Management and delivery of penetration testing services to clients to include the following:
o Scoping
o Financial management
o Engagement and risk management
o Production and review of deliverables.
- Reporting technical issues in business terms
- Developing constructive client relationships, both inside and outside of KPMG.
- Developing an understanding of KPMG’s broader offerings to enable identification of business opportunities
- Actively identifying and progressing business development opportunities, as well as managing sales activities such as proposal writing and assisting with client presentations.
- Role modelling risk and engagement management practices.
- Coaching and developing team members through sharing of experience and knowledge.
- Continuous development of self and team, including managing client feedback.
- Monitoring quality of service and products to clients and carrying out improvement or development as necessary.
- Performance management of junior staff

The Person
- Proven experience of successfully managing and delivering projects on time and to budget.
- Proven experience working within the industry
- Clear and demonstrable understanding of penetration testing, including CESG accredited schemes such as CBEST, STAR, CPA, CHECK and CTAS. OSCP, CCSAS/CCSAM
- Demonstrable understanding and practical application of information security principles
- Proven experience of producing high quality deliverables working alone and as part of a team.
- Excellent communication skills
- Proven experience of secure coding practices
- Reverse engineering experience desirable

Qualifications and Skills
- Degree level qualified, MSc in Information Security, IT or relevant subject (preferred)
- Web-application penetration testing experience preferred
- Programming skills, .NET
- Excellent communication skills (both written and oral) and project management skills
- Clearances required – eligibility for SC or DV is desirable

The Role

The senior incident response manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.

This is a hands-on and operational management role with opportunities to grow into service line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s incident response processes and methodologies.
In this role we are looking for a person who can demonstrate strong technical background, significant experience in incident response and digital forensics and is looking to grow into an incident response leadership role as part of a growing team. You will be expected to lead a number of incident response case managers and practitioners, as well as have the opportunity to work with, and learn from, the service leadership as part of your continuous development.
When not responding to incidents, you may be helping our clients to build their in-house incident response capabilities, which could include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, assisting in table-top cyber-scenario exercises. When not engaged in client work, you will be helping to develop our own delivery capability, including operational efficiency, standard operating procedures, team learning and development, tooling and platforms, lab development and orchestration.

Candidates should have a proven track record of incident management, with a strong competency in digital forensics. KPMG will provide training and coaching to help you continually improve both your management and technical skills. Strong technical competency and experience of managing a range of complex cyber incidents; from ransomware to advanced network intrusions is a pre-requisite.

Our clients expect that cyber-incidents will be tackled with urgency, therefore, there is an expectation that you will be flexible in terms of working hours. In addition, you should be prepared to travel on short notice for periods up to 2 or 3 weeks at a time.

Above all, KPMG is looking for someone who is passionate about helping our clients with their cyber security challenges, often at a time of critical need. In return, we are committed to helping you to enjoy the role and develop your skills and career within the KPMG with the objective of progressing into a senior leadership role.


Responsibilities:

• Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response.
• Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
• Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them.
• Manage the development of KPMG’s in house cyber-response tools.
• Assess client incident response capability maturity.
• Help stand-up or improve clients’ own incident response capabilities.
• Project management of engagements to deliver high quality work in a timely manner, including:
• Scoping and costing of engagements
• Financial management of projects
• Engagement and risk management
• Production and review of deliverables to a high standard.
• Liaising with clients on delivery, implementation and project issues.
• Ability to generate well-structured responses to bids and requests for proposals.


The Person:

You should have approximately 4 to 8 years of experience in cyber-security and incident response. For example: You should be able to guide a client through a unstructured incident response process (such as an advanced network intrusion) – managing resources and defining objectives at each stage of the
incident response process; scoping and triage, containment, evidence preservation and extraction, eradication, recovery, forensic analysis and investigation.
• A broad understanding of the cyber security threat landscape.
• Strong technical background in computers and networks, and programming skills.
• Significant and proven experience of dealing with cyber security incidents and associated response measures.
• Experience of managing a rapid deployment incident response team.
• Excellent interpersonal, written and communication skills.
• Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
• A genuine interest and desire to develop and mention junior team members.
• Strong attention for detail and the ability to manage multiple simultaneous cases.

Qualifications and Skills:

The successful candidate will demonstrate competency in computing and networks as well as in cyber-security either by having the relevant work experience, completed a degree or obtained industry relevant certification. Therefore the qualifications below should be seen as means to demonstrate competency and not as a requirement. The desired skill and qualification is provided below:
• Excellent communication skills (both written and oral) and project management skills.
• Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
• Working programming skill-set to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skillsets across languages.
• Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
• Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
• Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
• Experience with and understanding of enterprise Windows security controls
• (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
• (Preferred) General information security certificates such CISSP, CISM or CISA.
• (Preferred) Incident management certifications such as:
• CREST certified incident manager (CCIM).
• GIAC Certified Incident Handler (GCIH)
• (Preferred) Digital forensics certificates such as:
• CREST certified registered intrusion analyst (CRIA),
• CREST certified network intrusion analyst (CCNIA),
• CREST certified host intrusion analyst (CCHIA),
• CREST certified malware reverse engineer (CCMRE),
• GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
• (Preferred) A current government security clearance (SC/DV) or willingness to acquire such a clearance will be seen as an advantage.