I'm looking for
Search results for "Technology"
Technology Risk Senior Manager - Cloud / Digital / AI
Service Line: RC Technology
Senior Penetration Tester - Cyber Security
Service Line: RC Technology
Penetration Tester - Manager
Service Line: RC Technology
Forensic Technology – Data Analyst
Service Line: Forensic
Identity & Access Management - Manager - Cyber Security
Service Line: RC Technology
The Financial Services Technology Risk Consulting team is focused on providing consultancy, advice and assurance on our clients' technology risks and controls. The market is evolving at pace and innovating, whilst embracing the digital age. We are building out our team to advise clients on emerging and legacy technology risks and controls. We are focused on project and programme risk, operational and technology resilience, technology risk and control, impact of regulatory change on data and technology and third party risk management. All underpinned by analytics. We deliver our work through collaborative consulting projects, focused on risk and control assurance, as well as projects with 2nd and 3rd lines of defence.
• Communicating compelling and well thought out solutions to complex problems
• Building constructive working relationships across different teams, functions, countries or cultures
• Developing lasting client relationships and actively building a network and range of experience to help address client needs
• Provide compelling and well thought out solutions to problems of moderate complexity
Work with Partners, Directors and team in the Emerging Technology Risk areas - including AI / machine learning, cloud and digital
Lead and deliver technology risk services to the Financial Services sector focused on risk and controls
Conduct risk and control assessments on client projects when they are implementing new and advanced technology
Define a risk and control methodology and framework to use in conducting risk assessments
Link into global and cross industry working groups to share knowledge
Identify revenue-generating opportunities and get involved in business development activities such as proposal writing, pitch presentations
Build and develop relationships with key internal and external contacts to embed risk and control into other propositions
Develop a go to market approach and materials to support
Create thought leadership and participate in market forums to enhance KPMG’s brand
• Recognises the importance of continuous self and team development and actively strives to achieve this.
• Helps others to understand how their work contributes to the overall success of an engagement and the wider firm
• Fosters a sense of self belief and confidence in others
• Seeks to understand others motivations
• Supports others to make brave decisions
Qualifications and Skills
• Proven experience of successfully delivering digital, cloud or AI/ML projects, advice or assurance
• Recognised expert in areas of new technology
• Experience in working in a risk and control / assurance environment
• Degree/masters qualification in IT or similar
Experience and Background
• A specialist understanding of digital/cloud/AI and their impact on the business control environment
• Ability to identify and assess complex technology risks and controls, to relate them to the wider business environment and to express opinions clearly to all levels
• Strong understanding of FS sector – business processes / products / keys risks
• Ability to play an active role in the business development process
• Ability to present on specific subjects to a large group of people
• Strong analytical skills and ability to adapt to changing circumstances
• An aptitude for embracing and adapting to new technology
• Ability to spot opportunities to add value to clients and work with colleagues in other lines of service to help clients find solutions to the challenges they face
• Ability to work flexibly in terms of working hours to accommodate tight timelines and manage well under pressure
Using a wide variety of technical and sector-specific skills, KPMG's Risk Consulting group proactively helps clients increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, corporate governance, dispute resolution, deriving value from contracts and much more.
Technology - Our clients need to deal effectively with technology related risks and derive maximum value from data and documentation. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.
The role will be working in the Cyber Defence Services (CDS) Team within the cyber security department which is part of the Risk Consulting practice. Information Protection is one of the areas which KPMG has identified for tremendous investment and growth. Our clients need to deal effectively with technology related risks and derive maximum value from data and documentation.
• Delivery of penetration testing and incident response services to clients
• Project management of small engagements and end-to-end and support on larger engagements to deliver high quality work in a timely manner to include:
• Financial management
• Engagement and risk management
• Production and review of deliverables
• Liaising with clients on delivery, implementation and sales issues.
• Developing constructive client relationships, both inside and outside of KPMG
• Coaching and developing team members through sharing of experience and knowledge
• Supporting leadership of the team in the embedding effective working practices
Experience and Background
• Proven experience or working within the penetration testing industry
• Experience of dealing with cyber security incidents and associated response measures
• Proven ability to identify and assess complex information protection risks and controls
• Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
• Experience in and an understanding of the Cyber risks faced by clients within a specific industry and the impact to their business
• A genuine interest and desire to work in the information security field
Qualifications and Skills
• Degree level qualified, MSc in Information Security, IT or relevant subject (preferred)
• Must have the following qualifications CREST Registered Tester (CREST CRT) and Offensive Security Certified Professional (OSCP)
• Must have experience in Vulnerability Assessment and Penetration Testing
• Must have experience with Web Application Security Testing
• Must have experience of performing Cyber Maturity Assessments
• Excellent communication skills
You will play a leading role within the Cyber Defence Services (CDS) team, helping drive the development of the business and taking responsibility for the oversight and delivery of some of our most demanding penetration testing and red team engagements. As a manager you will help raise the profile of the team, play a key part in making sure that we develop new CDS service offerings and help coach and mentor team members.
Management and delivery of penetration testing services to clients to include the following:
o Financial management
o Engagement and risk management
o Production and review of deliverables.
- Reporting technical issues in business terms
- Developing constructive client relationships, both inside and outside of KPMG.
- Developing an understanding of KPMG’s broader offerings to enable identification of business opportunities
- Actively identifying and progressing business development opportunities, as well as managing sales activities such as proposal writing and assisting with client presentations.
- Role modelling risk and engagement management practices.
- Coaching and developing team members through sharing of experience and knowledge.
- Continuous development of self and team, including managing client feedback.
- Monitoring quality of service and products to clients and carrying out improvement or development as necessary.
- Performance management of junior staff
- Proven experience of successfully managing and delivering projects on time and to budget.
- Proven experience working within the industry
- Clear and demonstrable understanding of penetration testing, including CESG accredited schemes such as CBEST, STAR, CPA, CHECK and CTAS. OSCP, CCSAS/CCSAM
- Demonstrable understanding and practical application of information security principles
- Proven experience of producing high quality deliverables working alone and as part of a team.
- Excellent communication skills
- Proven experience of secure coding practices
- Reverse engineering experience desirable
Qualifications and Skills
- Degree level qualified, MSc in Information Security, IT or relevant subject (preferred)
- Web-application penetration testing experience preferred
- Programming skills, .NET
- Excellent communication skills (both written and oral) and project management skills
- Clearances required – eligibility for SC or DV is desirable
Forensic Technology (FTech) supports clients and their legal advisors in response to litigation, civil
disputes, investigations, regulatory, and M&A matters. FTech assist their clients through the
preservation, collection, processing, reporting, and analysis of electronically stored information (ESI)
such as emails, chat messages, and electronic documents.
The projects are often time critical and include global clients with footprints around the world,
providing opportunities to work with other overseas offices including on site attendance. Many
projects have a significant impact on our clients’ businesses and communities, with matters
occasionally featuring on international headlines.
FTech are looking for data specialists who are able to extract, store, enhance, and investigate large
volumes of unstructured data by leveraging market-leading technologies and methodologies.
Data analysts support the delivery work on a range of engagements. This will include:
- Responding to client requests and queries with supervision from project managers.
- Creating and updating data trackers, dashboards, and reports.
- Verifying, validating and analysing data that has been collected or received from clients.
- Preparing and normalising unstructured data from a range of data sources: email, electronic
documents, instant messaging, chat data, audio data and more.
- Assisting with forensic data collections.
- Maintaining and updating procedural documentation.
- Delivering client based training on our review systems via WebEx or to an audience.
- Contributing to business development through market research, consolidating credentials,
and creating slide decks.
- Assisting with evidence and media tracking.
- Researching and testing new software.
Strong candidates would have exposure to a combination of the following career profiles, or deep
expertise in at least one specialism. Successful candidates will not be expected to only stick to their
backgrounds; team members are encouraged to widen their horizons and take advantage of
available development opportunities.
- Familiarity with creating dashboard visualisations using Tableau, Qlikview, PowerBI, Kibana,
- Good understanding of data querying methods to produce reports from Microsoft SQL
- Experience in simple data transformation using Excel, Alteryx, scripts, and/or regular
- Understanding of best practices for database schemas and data normalisation.
- Able to clearly communicate and explain findings from data analysis to non-technical people.
- Background in statistics, databases, information management, economics, business intelligence, and related areas.
- Experience in integrating systems and applications through APIs, e.g. REST, and XML/JSON.
- Proficiency in programming languages such as C#, Java, Ruby, Python, and VBA.
- Understanding of software development methodologies and tools, e.g. IDEs, Git, Agile, unit tests.
- Proven ability of translating business needs into technical requirements.
- Knowledge of SQL and database operations would be advantageous.
- Background in computer science, software development, mathematics, and related areas.
Computer Forensics and E-Disclosure
- Worked in a professional services environment assisting with the delivery of eDisclosure/Investigations.
- Knowledge of the Electronic Discovery Reference Model (EDRM) lifecycle.
- Familiarity with forensic best practices, e.g. evidence handling, chain of custody, metadata preservation, etc.
- Experience in handling and analysing unstructured data sources such as emails, network shares, and laptops.
- Experience in liaising with clients on basic requests and delivering software training.
- Proficient in eDisclosure tools such as EnCase, Nuix, Relativity, Recommind, Ringtail, or similar.
All candidates are expected to have a number of the following qualities:
- Excellent written and communication skills.
- Demonstrated ability to think through and solve problems independently.
- Proactive in taking ownership of tasks and managing expectations.
- Keen to learn industry-specific software and in-house processes.
- Able to work in a high-pressured environment.
- Experience in a professional environment or role is desirable.
We are looking for a competent and experienced Manager specialising in Identity & Access Management (IAM) who will be responsible for developing and delivering complex and innovative solutions whilst reducing reputational, operational, financial and other risks for our clients.. IAM is a part of the Risk Consulting Practice in KPMG, one of the key areas identified for major investment and growth. KPMG is growing its IAM service line and has recently acquired Silicon Valley-based Cyberinc, which provides cyber security solutions globally. This will enhance KPMG’s existing capabilities as a leader in information security consulting services and expand the firm’s ability to provide clients with newer and more agile IAM solutions. This bolsters KPMG’s talent and offerings in the rapidly growing area of digital consumer identity and privileged user management.
Our clients need to deal effectively with technology related risks and derive maximum value from their investment in security systems and technology. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their IT assets to its full potential. The individual selected for this role will be responsible for driving the next phase of growth for our IAM Service Line.
• Experienced in developing identity management strategy, solution architecture and implementation roadmaps that include identity and privileged access management, RBAC, provisioning, certification, entitlement management and policy management.
Practical knowledge and experience in Privileged Access Management is essential.
Practical knowledge and experience in Customer Identity and Access management is essential.
Strong design and implementation experience of at least one of the following vendor technologies like CyberArk, SailPoint or BeyondTrust is essential.
• Proven years of strong IAM advisory, design and implementation oversight experience on large, complex projects (e.g; FTSE 100 clients)
• Actively identifying and progressing business development opportunities, as well as managing sales activities such as proposal development, writing and assisting with client presentations.
Capability to identify technical risks, articulate the associated IT costs and business impacts, and propose options for resolution
• Able to initiate, develop and challenge thought leadership in in all areas of identity management.
• Recognised in the industry as a specialist in the IAM space, with a good understanding of disruptive trends, evolution of IAM solutions backed by knowledge of the business value of IAM.
• Good understanding of Digital Transformation initiatives, GDPR and other regulation that impacts and drives the adoption of IAM controls.
• Knowledge of Customer Identity Management solutions with proven experience in either delivering and developing business case, strategy and roadmaps.
• Ability to develop constructive client relationships, both inside and outside of KPMG.
• Understanding of managed services delivery models for the delivery of Identity Management services.
• Experience in Role modelling, Risk based Authentication, Identity Federation and Data Access Governance.
• Excellent business and technical stakeholder engagement skills within the IAM project setting is required.
• Experience with Project Management duties (project planning, resource management, scope, schedule and status, documentation).
• Continuous development of self and team, including managing client feedback.
• Monitoring quality of service and products to clients and carrying out improvement or development as necessary.
• Management of SailPoint discovery, onboarding and go live
• Detailed understanding of SailPoint and access management functionalities.
• Good understanding of CyberArk and other similar privileged management tools.
• Strong ability to interact with Tech Operations and CISO teams in a client facing roles and to explain technical concepts in an easy to understand manner
• Good ability to manage technical resources.
Qualifications & Skills:
• Bachelor's Degree in a relevant field (e.g. Computer Engineering, Computer Science, Information Security) or in a STEM major (Science, Technology, Engineering, or Math).
• Recognised information protection qualifications (e.g. CISSP, CISSP-ISSAP, CISM, GIAC) desirable.
• Experience using Project Management tools like MS Project desirable.
• Excellent communication and presentation skills (both written and oral)
• Excellent negotiation skills.
• Demonstrated ability in strong verbal and written communication skills to interface with both technical and non-technical stakeholders, including the ability to confidently lead software presentations.
• Highly organised with ability to prioritise workload to incorporate changing priorities.
• Delivering quality and striving for continual improvement.
• Strong planning, organising and decision making skills.