I'm looking for

The Team


In KPMG's Management Consulting practice, we don't limit ourselves to either strategy or implementation. Instead, we deliver both - equally well. Indeed, it's this broad capability that's seen us accelerate to become a 1000-strong team in less than five years. Since our creation, we've developed in-depth knowledge of an incredibly broad spread of sectors.

Modelling – Our specialists provide a broad range of modelling services to help clients use their data to its full potential and manage associated risks.

Organisations across all industries are using cost, financial and data models of growing complexity in key decision making areas such as project evaluation, investment appraisals, on-going reporting of financial and operational metrics.

The Role


KPMG’s Modelling team support our clients across a diverse range of sectors, such as defence, transport, infrastructure, communications, health, energy, financial services, leisure, retail and manufacturing. Our modelling services include:

·


Model risk assessment

·


Model assurance

·


Best practice appraisals

·


Cost modelling

·


Business planning and forecasting

·


Modelling the impacts of business restructuring including options analysis, cost optimisation, outsourcing and other operational and financial restructuring

·


Management reporting and dashboard development

·


Data analysis and presentation

·


Database design and build.

·


We work closely with teams across all functions within KPMG such as Transaction Services, Corporate Finance, Restructuring, Tax, Financial Risk Management, Internal Audit and Regulatory and Compliance Services. You will work on some of the most exciting projects in KPMG, delivering high quality, flexible and bespoke analytics and modelling solutions.


You will join our team as a Manager delivering modelling services primarily to our defence clients. These services, provided as part of KPMG’s broader and market-leading defence advisory services, will include designing and constructing cost and operational models, model reviews and model audits, for defence clients, as well as designing MI solutions and analysis.


The role will be challenging and require you to develop trusted relationships with key stakeholders, work to deadlines, prioritise workload, run projects and provide a high level of client service at all times. Your level of responsibility will only be limited by your own aptitude and passion to learn and to take on new challenges. You should have a proven track record of managing your own time, as well as managing others in a team. Previous experience in cost modelling is essential, and experience of working in a consulting or professional services environment is desirable. VBA and SQL skills are desirable but not essential.

The Person


We are looking for a Manager with the following attributes who is passionate about developing a career in modelling:


·


A numerate (science, engineering or maths-based) first-class or upper second-class degree

·


Either an accounting qualification or an MBA or post graduate qualification in maths, statistics or Operational Research

·


Experience in roles that require an understanding of the unique nature of defence cost modelling, including Monte Carlo analysis

·


Positive approach towards problem solving, even under time pressure

·


The ability to focus on a particular project whilst managing multiple projects

·


Ability to motivate and manage teams to achieve optimal potential

·


A high degree of knowledge of Excel and best practice modelling

·


The ability to think through a problem and apply a logical, analytical approach to develop a solution

·


Ability to describe complex technical issues in a clear non-technical way
Initiative, enthusiasm and excellent communication skills (verbal and written)

·


Excellent project management skills

·


Strong analytical and interpretative skills

·


Vigilance and sustained attention to detail

·


Ability to quickly assimilate and apply new techniques and knowledge

·


The ability to work and communicate as part of a team

·


The ability to work in an efficient organised manner

·


The desire to perform to a consistently high standard

A proven record of effective time and resource management

The Team

KPMG has a market leading strategy advisory business in Energy and Natural Resources, serving the oil & gas; power and utilities and infrastructure sector serving UK, European and international clients. We work with C-level executives to identify, structure and solve their most critical strategic issues related to deal strategy, growth strategy and operational strategy. It is an excellent time to join us as we are growing rapidly due to our unique propositions and the strength of our client relationships, with the Energy & Natural Resources business. As a team, we are a group of bright committed individuals who are passionate about delivering fantastic client work, developing the team around us and having fun both inside and outside of work.

The Role

You will work in project teams on assignments addressing fundamental strategic and operational issues, with a particular focus on identifying and delivering performance improvements in areas such as operations, maintenance, capital projects, logistics, and supply chain. Under the leadership of highly experienced Partners, Directors, and project leaders, Managers lead workstreams for our clients, applying analysis, insight and client interaction to agree recommendations and support execution. Managers will often lead small teams, shaping outputs while coaching and mentoring staff to motivate and develop team members. Direct contact with client colleagues and presentations to senior management are key parts of the role.

In addition to client work, Managers will play an active role in developing new business for the group, supporting work on proposals, thought leadership, and interactions with potential clients in the industries we serve. Managers act as core members of our Strategy Group, shaping new approaches and working closely with colleagues.

Managers will develop a strong combination of industry skills and strategy insights, learning through a combination of project work and training in advanced approaches, as they progress towards promotion to roles with overall responsibility for project delivery.
The Person

You will have practical operational experience in the industries we serve, in areas such as oil and gas, chemicals, energy, maintenance and engineering – with specific experience in oil and gas offshore operations, refineries and petrochemicals businesses extremely desirable.

You must be able to define and lead the thinking / problem solving on how to put together a piece of analysis, scoping, planning and managing the execution of client deliverables; able to lead and challenge senior stakeholders, and able to work beyond own area of expertise; and has led teams or individuals, and ideally has overseen significant parts of complex projects or programmes.

This experience may have been gained through direct industry roles, or where you have had an operational role that involves managing cross-discipline teams/areas, with direct exposure to commercial issues and the delivery of business improvement programmes.

Alternatively, you may have worked in a leading strategy, operational consulting firm, or Big4 player, or dedicated internal consulting group, leading small teams addressing M&A, Company or Business-Unit wide cost saving initiatives, strategic reorganisation, revenue growth and pricing, working capital improvement, etc.

An MBA or the equivalent is a definite plus, but is not a minimum requirement.

Other requirements:

- Strong interpersonal/social skills and team-players
- Good analytical problem-solvers, able to think in a structured way, be able to break a solution framework up between 2-4 - people, and communicate this effectively
- Capable of holding ultimate responsibility for final delivery and output of a cluster of related workstreams (overseeing associates delivering the content of those workstreams)
- Drive and impact, mentoring skills, good storytelling, financial acumen, attention to detail
Sufficiently comfortable liaising with senior stakeholders and conducting client interviews to gather data and analysis
- Personable and good at striking a rapport with a variety of individuals
- Strong networks
- 'Self starters' and able to work independently with little guidance to lead teams to achieve results
- Able to cope with the pace and urgency of our work – 1-3 month timeframes with tight deadlines, as opposed to 1+ year programmes
- Comfortable being away from home for long periods of time (even if this is away during the week and back at weekends)
- Written and spoken English skills need to be excellent

The Role

The role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.
This is a hands-on role with opportunities to grow into management. The successful candidate is expected to manage cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s proprietary in-house toolkit.
In this role we are looking for a person who can demonstrate strong technical background, experience in incident response and digital forensics and is looking to grow skills and experience. You will be expected to lead one or two analysts to achieve a task in a project, as well as have the opportunity to work with, and learn from, our most experienced team members as part of your continuous development.
When not responding to incidents, you will help our clients to build their in-house incident response capabilities, which will include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, assisting in table-top cyber-scenario exercises.
We will welcome applications from candidate with a good competency in incident management, but with a developing competency and keen interest in digital forensics, or vice versa. KPMG will provide training and coaching to help you continually improve you skills. Strong technical competency - intermediate systems administration skills and programming skills to develop tools, however, is a pre-requisite.
Our clients expect that cyber-incidents will be tackled with urgency, therefore, there is an expectation that you will be flexible in terms of working hours. In return, KPMG will offer flexible working hours and work from home days for employees who have demonstrate reliability in delivery. For example, if you are writing a post-mortem report or working on a run-book, you can do so from home.
Above all, KPMG is looking for someone who is passionate about helping our clients with their cyber security challenges, often at a time of critical need. In return, we are committed to helping you to enjoy the role and develop your skills and career within the KPMG.

Responsibilities:
• Help manage and co-ordinate cyber security incidents for our clients, working closely with the incident management lead within the team.
• Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
• Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them.
• Develop KPMG’s in house cyber-response tools
• Help assess client incident response capability maturity.
• Help stand-up or improve clients’ own incident response capabilities.
• Help with project management of engagements to deliver high quality work in a timely manner, including:
• Scoping
• Basic financial management
• Engagement and risk management
• Production and review of deliverables.
• Liaising with clients on delivery, implementation and sales issues.

The Person

This position is well suited for an individual with 3 to 5 years of experience in cyber-security and incident response. For example: a very common type of incident is ransomware on a single workstation/laptop. You should be able to guide a client through a structured incident response process – triage, containment, eradication and recovery. If you are provided with forensic data such as: disk image, memory image and network data capture or proxy logs, you should be able to identify malware artefacts, source of infection and use online research to identify malware family.
• A broad understanding of the cyber security threat landscape.
• Strong technical background in computers and networks, and programming skills.
• Experience of dealing with cyber security incidents and associated response measures.
• Experience of being part of an incident response team, either holding a formal role, or being able to evidence your personal contribution to the team.
• Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
• A genuine interest and desire to work in the information security field.
• Standing and positive reputation in the information security community is seen as a plus.

Qualifications and Skills:
The successful candidate will demonstrate competency in computing and networks as well as in cyber-security either by having the relevant work experience, completed a degree or obtained industry relevant certification. Therefore the qualifications below should be seen as means to demonstrate competency and not as a requirement. The desired skill and qualification is provided below:
• Excellent communication skills (both written and oral) and project management skills.
• Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
• Working programming skill-set to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skillsets across languages.
• Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
• Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
• Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
• Experience with and understanding of enterprise Windows security controls
• (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
• (Preferred) General information security certificates such CISSP, CISM or CISA.
• (Preferred) Incident management certifications such as:
• CREST certified incident manager (CCIM)
• GIAC Certified Incident Handler (GCIH)
• (Preferred) Digital forensics certificates such as:
• CREST certified registered intrusion analyst (CRIA)
• CREST certified network intrusion analyst (CCNIA)
• CREST certified host intrusion analyst (CCHIA)
• CREST certified malware reverse engineer (CCMRE)
• GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
• (Preferred) A current government security clearance (SC/DV) or willingness to acquire such a clearance will be seen as an advantage.

The Role

The senior incident response manager role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice, reporting directly into the head of cyber response. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.

This is a hands-on and operational management role with opportunities to grow into service line leadership. The successful candidate is expected to manage a broad range of cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s incident response processes and methodologies.
In this role we are looking for a person who can demonstrate strong technical background, significant experience in incident response and digital forensics and is looking to grow into an incident response leadership role as part of a growing team. You will be expected to lead a number of incident response case managers and practitioners, as well as have the opportunity to work with, and learn from, the service leadership as part of your continuous development.
When not responding to incidents, you may be helping our clients to build their in-house incident response capabilities, which could include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, assisting in table-top cyber-scenario exercises. When not engaged in client work, you will be helping to develop our own delivery capability, including operational efficiency, standard operating procedures, team learning and development, tooling and platforms, lab development and orchestration.

Candidates should have a proven track record of incident management, with a strong competency in digital forensics. KPMG will provide training and coaching to help you continually improve both your management and technical skills. Strong technical competency and experience of managing a range of complex cyber incidents; from ransomware to advanced network intrusions is a pre-requisite.

Our clients expect that cyber-incidents will be tackled with urgency, therefore, there is an expectation that you will be flexible in terms of working hours. In addition, you should be prepared to travel on short notice for periods up to 2 or 3 weeks at a time.

Above all, KPMG is looking for someone who is passionate about helping our clients with their cyber security challenges, often at a time of critical need. In return, we are committed to helping you to enjoy the role and develop your skills and career within the KPMG with the objective of progressing into a senior leadership role.


Responsibilities:

• Manage and co-ordinate cyber security incidents for our clients, working closely with the head of cyber response.
• Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
• Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them.
• Manage the development of KPMG’s in house cyber-response tools.
• Assess client incident response capability maturity.
• Help stand-up or improve clients’ own incident response capabilities.
• Project management of engagements to deliver high quality work in a timely manner, including:
• Scoping and costing of engagements
• Financial management of projects
• Engagement and risk management
• Production and review of deliverables to a high standard.
• Liaising with clients on delivery, implementation and project issues.
• Ability to generate well-structured responses to bids and requests for proposals.


The Person:

You should have approximately 4 to 8 years of experience in cyber-security and incident response. For example: You should be able to guide a client through a unstructured incident response process (such as an advanced network intrusion) – managing resources and defining objectives at each stage of the
incident response process; scoping and triage, containment, evidence preservation and extraction, eradication, recovery, forensic analysis and investigation.
• A broad understanding of the cyber security threat landscape.
• Strong technical background in computers and networks, and programming skills.
• Significant and proven experience of dealing with cyber security incidents and associated response measures.
• Experience of managing a rapid deployment incident response team.
• Excellent interpersonal, written and communication skills.
• Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
• A genuine interest and desire to develop and mention junior team members.
• Strong attention for detail and the ability to manage multiple simultaneous cases.

Qualifications and Skills:

The successful candidate will demonstrate competency in computing and networks as well as in cyber-security either by having the relevant work experience, completed a degree or obtained industry relevant certification. Therefore the qualifications below should be seen as means to demonstrate competency and not as a requirement. The desired skill and qualification is provided below:
• Excellent communication skills (both written and oral) and project management skills.
• Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
• Working programming skill-set to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skillsets across languages.
• Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
• Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
• Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
• Experience with and understanding of enterprise Windows security controls
• (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
• (Preferred) General information security certificates such CISSP, CISM or CISA.
• (Preferred) Incident management certifications such as:
• CREST certified incident manager (CCIM).
• GIAC Certified Incident Handler (GCIH)
• (Preferred) Digital forensics certificates such as:
• CREST certified registered intrusion analyst (CRIA),
• CREST certified network intrusion analyst (CCNIA),
• CREST certified host intrusion analyst (CCHIA),
• CREST certified malware reverse engineer (CCMRE),
• GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
• (Preferred) A current government security clearance (SC/DV) or willingness to acquire such a clearance will be seen as an advantage.