I'm looking for

The Role

The role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.
This is a hands-on role with opportunities to grow into management. The successful candidate is expected to manage cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s proprietary in-house toolkit.
In this role we are looking for a person who can demonstrate strong technical background, experience in incident response and digital forensics and is looking to grow skills and experience. You will be expected to lead one or two analysts to achieve a task in a project, as well as have the opportunity to work with, and learn from, our most experienced team members as part of your continuous development.
When not responding to incidents, you will help our clients to build their in-house incident response capabilities, which will include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, assisting in table-top cyber-scenario exercises.
We will welcome applications from candidate with a good competency in incident management, but with a developing competency and keen interest in digital forensics, or vice versa. KPMG will provide training and coaching to help you continually improve you skills. Strong technical competency - intermediate systems administration skills and programming skills to develop tools, however, is a pre-requisite.
Our clients expect that cyber-incidents will be tackled with urgency, therefore, there is an expectation that you will be flexible in terms of working hours. In return, KPMG will offer flexible working hours and work from home days for employees who have demonstrate reliability in delivery. For example, if you are writing a post-mortem report or working on a run-book, you can do so from home.
Above all, KPMG is looking for someone who is passionate about helping our clients with their cyber security challenges, often at a time of critical need. In return, we are committed to helping you to enjoy the role and develop your skills and career within the KPMG.

Responsibilities:
• Help manage and co-ordinate cyber security incidents for our clients, working closely with the incident management lead within the team.
• Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
• Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them.
• Develop KPMG’s in house cyber-response tools
• Help assess client incident response capability maturity.
• Help stand-up or improve clients’ own incident response capabilities.
• Help with project management of engagements to deliver high quality work in a timely manner, including:
• Scoping
• Basic financial management
• Engagement and risk management
• Production and review of deliverables.
• Liaising with clients on delivery, implementation and sales issues.

The Person

This position is well suited for an individual with 3 to 5 years of experience in cyber-security and incident response. For example: a very common type of incident is ransomware on a single workstation/laptop. You should be able to guide a client through a structured incident response process – triage, containment, eradication and recovery. If you are provided with forensic data such as: disk image, memory image and network data capture or proxy logs, you should be able to identify malware artefacts, source of infection and use online research to identify malware family.
• A broad understanding of the cyber security threat landscape.
• Strong technical background in computers and networks, and programming skills.
• Experience of dealing with cyber security incidents and associated response measures.
• Experience of being part of an incident response team, either holding a formal role, or being able to evidence your personal contribution to the team.
• Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
• A genuine interest and desire to work in the information security field.
• Standing and positive reputation in the information security community is seen as a plus.

Qualifications and Skills:
The successful candidate will demonstrate competency in computing and networks as well as in cyber-security either by having the relevant work experience, completed a degree or obtained industry relevant certification. Therefore the qualifications below should be seen as means to demonstrate competency and not as a requirement. The desired skill and qualification is provided below:
• Excellent communication skills (both written and oral) and project management skills.
• Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
• Working programming skill-set to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skillsets across languages.
• Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
• Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
• Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
• Experience with and understanding of enterprise Windows security controls
• (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
• (Preferred) General information security certificates such CISSP, CISM or CISA.
• (Preferred) Incident management certifications such as:
• CREST certified incident manager (CCIM)
• GIAC Certified Incident Handler (GCIH)
• (Preferred) Digital forensics certificates such as:
• CREST certified registered intrusion analyst (CRIA)
• CREST certified network intrusion analyst (CCNIA)
• CREST certified host intrusion analyst (CCHIA)
• CREST certified malware reverse engineer (CCMRE)
• GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
• (Preferred) A current government security clearance (SC/DV) or willingness to acquire such a clearance will be seen as an advantage.

The Team



ITS Global (Information Technology Services Global) is one of four pillars within KPMG’s Global Technology & Knowledge group. As such, ITS Global provides innovative components that KPMG’s business functions and member firms use to deliver client-facing solutions. ITS Global also provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms. ITS Global works with the other GT&K pillars to provide KPMG technology solutions that leverage world-leading partnerships, disruptive digital capabilities, and access to the firm’s collective intelligence.
IMSS VMS helps defend KPMG and its clients from cyber-attack, through timely scan, detection, investigation and reporting of potential vulnerabilities across IT systems.


The Role




The purpose of the IMSS VMS Service Lead role is to ensure sound delivery of VMS systems and services for the ITS Global and Member Firms. IMSS VMS Service Lead will be responsible for planning service and product road map to align with IMSS and ITS Global strategy and leading projects to deliver meaningful enhancements and expand/standardise service offering portfolio. IMSS VMS Service Lead will mentor and coach the IMSS VMS team to work efficiently in a fast paced environment driving performance, reliability and supporting the IMSS objectives and infrastructure hosted on Physical and Cloud platforms when delivering IMSS VMS services. An IMSS VMS Service Lead also:


•Engages and coaches the team to drive consistency in documentation, procedures and operations
•Organises brainstorming workshops to maximise ROI on existing tool kits and establishes close relationship with vendors to prioritise KPMG-relevant features in their product road maps
•Reviews Root Cause Analyses(RCA) of incidents with team to engineer service and process improvements
•Promotes IMSS VMS products, initiatives and services within ITS Global, the functions and member firms
•Addresses urgent requirements, escalations and concerns from IMSS VMS customers and delivers best practice solutions expanding on IMSS VMS toolkit and abilities
•Supports integration of new technologies, applications and member firms to IMSS VMS global platform
•Supports IMSS security policies and governance
•Enables consistent adoption of ITS Global standards, principles and models
Technical Skills & Qualifications


•Strong leadership skills with demonstrated multitasking ability to manage an enterprise architecture with geographically dispersed teams
•Experience with vendor management and demand/contract/budget forecasting
•Architectural understanding of the security product portfolio (including but not limited to TVM(Microsoft Defender ATP), Qualys, Kenna Security, ServiceNow) and strengths/weaknesses to maximise ROI through integration and automation
•Skilled in technical reporting and documentation review with Microsoft Word, Excel, PowerPoint and Visio
•Skilled in management reporting - summarising large/complex/key concepts/transcripts into concise, visual/intuitive briefings for business stakeholders
•Experience with Enterprise IT architecture, including distributed, Cloud and Hybrid architectures, and their governance and risk management
•Experience with developing multi-perspective, innovative approaches to improve service or status quo for priority/all stakeholders
•Experience with dev ops model and CI/CD frameworks for timely delivery of Cybersecurity projects while minimizing risks




Description of level of Qualifications




•Bachelor’s degree in a related field (i.e., Computer Science) or equivalent experience. Master’s degree or MBA a plus.•5+ years’ experience with implementing/integrating/managing cybersecurity solutions across enterprise IT Architecture and with organizations similar to KPMG (international, services companies).•Good knowledge of regional issues and structures, ability to work with people from many different cultural backgrounds.•Network security and/or (ISC)² Security Certification.•Other industry standard certificates or product certifications like Qualys etc. are preferred.

Experience & Knowledge




•Strong leadership skills with demonstrated multitasking ability to manage an enterprise architecture with geographically dispersed teams•Experience with vendor management and demand/contract/budget forecasting•Architectural understanding of the security product portfolio (including but not limited to TVM(Microsoft Defender ATP), Qualys, Kenna Security, ServiceNow) and strengths/weaknesses to maximise ROI through integration and automation•Skilled in technical reporting and documentation review with Microsoft Word, Excel, PowerPoint and Visio•Skilled in management reporting - summarising large/complex/key concepts/transcripts into concise, visual/intuitive briefings for business stakeholders•Experience with Enterprise IT architecture, including distributed, Cloud and Hybrid architectures, and their governance and risk management•Experience with developing multi-perspective, innovative approaches to improve service or status quo for priority/all stakeholders•Experience with dev ops model and CI/CD frameworks for timely delivery of Cyber security projects

The Team:

The use of cloud-based technologies continues at pace and we continue to see that most Procurement transformation programmes demand technology support, and every successful Procurement technology programme involves some ground-breaking activity.

At KPMG’s highly successful Management Consulting practice, we’re working with Financial Services clients to help them understand how technology can drive business performance. As such, we’re looking for outstanding procurement technologists to join us, grow with us, and develop our Procurement Technology delivery capability, driving our strategy through large-scale Procurement Cloud Technology transformation. Part of a developing team in Financial Services that will become our ‘go to’ for Procurement Technology, you will play a key role in the growing of our propositions to sell and deliver large programmes. At its core, this is a real opportunity to build our technology delivery team and influence within a fast-growing business area. To join us, therefore, you’ll need to be inquisitive and have a strong, informed point of view. Of course, this will need to be balanced with an unwavering client focus. You’ll have excellent listening skills, and a proven track record of helping Financial Services clients reach their desired outcomes. We’re looking for self-starters, those with gravitas, credibility, and the natural ability to encourage confidence and empower change. On the technical side, you’ll need a thorough understanding of Procurement Technology solutions including but not limited to Coupa, Ivalua, Basware and/or SAP Ariba.

The Person:

We are looking for a Senior Manager with a proven track record of selling, procurement technology projects. In particular we are looking for individuals who have led procurement technology strategy programmes, software selection projects and Source-to-Pay implementations.

We are seeking a talented individual with experience of Procurement Cloud implementation. This is a high-profile role within the team, requiring a balance of business development, practice leadership and client delivery. The role reports into the Director of Powered Procurement.

Essential Experience:

• Understand demand, identify and unlock client opportunities for Powered Procurement in Financial Services by providing the technology expertise to build compelling market propositions
• A deep knowledge of the current procurement technology market
• The ability to build strong relationships at senior levels (c-suite), and a strong existing network
• Experience designing, selecting, supporting and implementing multiple solutions
• The ability to communicate compelling and well thought out solutions to complex problems
• Strong people management skills, with an ability to coach and develop others

Key Skills:

• Sales and Business Development
• Leadership and relationship building
• A Technology professional with a proven track record of successful delivery of technology solutions in a consulting environment
• Facilitation and conflict resolution
• Persuasive power to communicate with a variety of partners in the organisation
• Excellent People Leadership
• Strong network in Financial Services Procurement
• Drive and resilience
• Presentation skills
• A track record of client delivery, innovation and procurement transformation using Cloud solutions, at large FTSE/blue chip organisations
• Other core consulting skills, including planning and delivering workshops, structured interviewing, process mapping, data gathering and analysis

Location:

UK based. Depending on Client location you will be required to travel and work away from home for periods of time (UK, Europe and internationally), so will need to be willing to demonstrate flexibility.

The Team




ITS Global (Information Technology Services Global) is one of four pillars within KPMG’s Global Technology & Knowledge group. As such, ITS Global provides innovative components that KPMG’s business functions and member firms use to deliver client-facing solutions. ITS Global also provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms. ITS Global works with the other GT&K pillars to provide KPMG technology solutions that leverage world-leading partnerships, disruptive digital capabilities, and access to the firm’s collective intelligence.

The Role




KPMG’s IMSS Operations Manager is accountable for the daily running of the IMSS. In addition, the role has management responsibilities for Levels 1, 2 and 3 teams. This role will be the central point of contact between the IMSS Service Desk and Member Firms. As such, the IMSS Operations Manager is responsible for timely response to incident and ensuring that communications from IMSS are timely.

Technical Skills & Qualifications




•Responsible for the operational delivery of IMSS commercial elements and services, including Vulnerability Management Service (VMS), Monitoring and Alerting (M&A) - Cloud and Traditional, and Managed Security Firewall Service (MSFS)
•Responsible for the Advance Analytic and Threat Intelligence, including threat modelling and content use case management.
•Accountable for the IMSS operational staff across multiple regions, resourcing and attrition rate
•Lead in project management of new and existing services to ensure all IMSS operational requirements are captured
•Ensure identified threats are mapped to detection logic for all new and existing environments (traditional / cloud)
•Co-ordinates with external stakeholders for all day-to-day matters relating to IMSS services delivered to member firms.

Description of level of Qualifications




•Bachelor’s degree in Computer Science, Computer Networking or Computer Security, or equivalent, Master’s Degree preferred
•Considerable relevant security & IT experience
•CISSP/CISM certifications, or equivalent
•One or more of the following certifications :
•GSEC (GIAC Security Essentials Certification)
•GISP (GIAC Information Security Professional)
•GCIH (GIAC Certified Incident Handler)
•CCFP (Certified Cyber Forensics Professional)
•CCNP (Cisco Certified Network Professional)
•Ability to travel up to 25% of time, valid passport/US travel documents required

Experience & Knowledge



•Advanced understanding of information security, border protection, incident handling & response, forensics, endpoint protection & encryption
•Able to evaluate current people, processes, technology, and business drivers to improve the IMSS.
•Experience of monitoring for threat in traditional (on-premise) and cloud (Azure, Google, AWS) environments
•Experience with network forensics and packet and Netflow analysis, In-depth knowledge of infrastructure and operating systems.
•Experience of Threat Modelling frameworks including Mitre ATT@CK, LM Cyber Kill Chain, STRIDE.
•Understanding and experience using various security related exploits and tools

The Team
Within KPMG's Tech & Engineering service line, the Infrastructure Engineering team’s mission is to be the best Infrastructure team ever, by using the right tools for the right job, failing fast and automating like our lives depend on it. Right from the leadership level, our team are fully committed to the DevOps culture and are consistently trying to change to ensure that culture is nurtured and grows.

We operate at genuine scale taking advantage of our alliance partnerships with the industry leading public cloud providers to deliver cutting edge solutions to clients on a global stage. If the public cloud is your future and you’re amazing at solving difficult, interesting and complex challenges and actually writing code, roll up your sleeves then drop us a line and remember to bring cake.

You will be working to continuously advance and standardise our clients infrastructure and pipelined deployments, whilst collaborating with colleagues to write infrastructure as code that scales and takes advantage of the technologies available in the market.

The Role
• Help design and build monitoring systems, metrics, internal dashboards, and other tools that allow KPMG clients to become increasingly, scalable, and reliable infrastructure.
• Continue to cultivate a culture of collaboration, innovation and bringing industry standards to everything we do.
• You understand the fundamentals: Cloud Technologies (AWS, Azure, Private), Windows, Linux, Security and Networking.
• An ability to automate processes.
The Person
• Cloud Technologies exposure (AWS, Azure, Private), Windows, Linux, Security and Networking.
• You will have used the following - Python, Nodejs, C#, Cloudformation Templating, Ansible / Salt, Octopus, Team City / Jenkins
• You have experience building highly scalable, secure, efficient, and resilient systems.
• Ability to continuously learn, work independently, and make decisions with minimal supervision.
• You like nothing more than to watch colleagues flourish under your guidance.
• You love steering a very willing team to increase performance and efficiency.
• Be a technological cloud advocate to a wider audience inside and outside of the business.

What we can offer
• Scale, some of our clients are well known global brands, their infrastructure isn't small.
• A great team environment, inside and outside of the work place.
• Love of technology and learning about even newer technology to help our clients be successful.
• Flexible and considerate working hours.
• Access to regular training opportunities and certification which can include Internal, AWS and Pluralsight.
• Generous pay and benefits such as a subsidised lunch, health care, pension, cycle to work, free day off to celebrate your birthday.
• Excellent relationship with vendors and access to authorities within their field.