I'm looking for

The Role

The role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.
This is a hands-on role with opportunities to grow into management. The successful candidate is expected to manage cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s proprietary in-house toolkit.
In this role we are looking for a person who can demonstrate strong technical background, experience in incident response and digital forensics and is looking to grow skills and experience. You will be expected to lead one or two analysts to achieve a task in a project, as well as have the opportunity to work with, and learn from, our most experienced team members as part of your continuous development.
When not responding to incidents, you will help our clients to build their in-house incident response capabilities, which will include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, assisting in table-top cyber-scenario exercises.
We will welcome applications from candidate with a good competency in incident management, but with a developing competency and keen interest in digital forensics, or vice versa. KPMG will provide training and coaching to help you continually improve you skills. Strong technical competency - intermediate systems administration skills and programming skills to develop tools, however, is a pre-requisite.
Our clients expect that cyber-incidents will be tackled with urgency, therefore, there is an expectation that you will be flexible in terms of working hours. In return, KPMG will offer flexible working hours and work from home days for employees who have demonstrate reliability in delivery. For example, if you are writing a post-mortem report or working on a run-book, you can do so from home.
Above all, KPMG is looking for someone who is passionate about helping our clients with their cyber security challenges, often at a time of critical need. In return, we are committed to helping you to enjoy the role and develop your skills and career within the KPMG.

Responsibilities:
• Help manage and co-ordinate cyber security incidents for our clients, working closely with the incident management lead within the team.
• Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
• Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them.
• Develop KPMG’s in house cyber-response tools
• Help assess client incident response capability maturity.
• Help stand-up or improve clients’ own incident response capabilities.
• Help with project management of engagements to deliver high quality work in a timely manner, including:
• Scoping
• Basic financial management
• Engagement and risk management
• Production and review of deliverables.
• Liaising with clients on delivery, implementation and sales issues.

The Person

This position is well suited for an individual with significant experience in cyber-security and incident response. For example: a very common type of incident is ransomware on a single workstation/laptop. You should be able to guide a client through a structured incident response process – triage, containment, eradication and recovery. If you are provided with forensic data such as: disk image, memory image and network data capture or proxy logs, you should be able to identify malware artefacts, source of infection and use online research to identify malware family.
• A broad understanding of the cyber security threat landscape.
• Strong technical background in computers and networks, and programming skills.
• Experience of dealing with cyber security incidents and associated response measures.
• Experience of being part of an incident response team, either holding a formal role, or being able to evidence your personal contribution to the team.
• Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
• A genuine interest and desire to work in the information security field.
• Standing and positive reputation in the information security community is seen as a plus.

Qualifications and Skills:
The successful candidate will demonstrate competency in computing and networks as well as in cyber-security either by having the relevant work experience, completed a degree or obtained industry relevant certification. Therefore the qualifications below should be seen as means to demonstrate competency and not as a requirement. The desired skill and qualification is provided below:
• Excellent communication skills (both written and oral) and project management skills.
• Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
• Working programming skill-set to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skillsets across languages.
• Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
• Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
• Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
• Experience with and understanding of enterprise Windows security controls
• (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
• (Preferred) General information security certificates such CISSP, CISM or CISA.
• (Preferred) Incident management certifications such as:
• CREST certified incident manager (CCIM)
• GIAC Certified Incident Handler (GCIH)
• (Preferred) Digital forensics certificates such as:
• CREST certified registered intrusion analyst (CRIA)
• CREST certified network intrusion analyst (CCNIA)
• CREST certified host intrusion analyst (CCHIA)
• CREST certified malware reverse engineer (CCMRE)
• GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
• (Preferred) A current government security clearance (SC/DV) or willingness to acquire such a clearance will be seen as an advantage.

The Role

•You will be working as a consultant in KPMG’s expanding Security Operations practice.
•As a Security Operations consultant, you will help our clients in solving some of the key challenges faced by security operations leaders.
•The work would involve advising our clients on Security Operations Strategy, Design, Maturity Assessment, and Optimisation.
•You will get a chance to learn new skills, certifications and work with some of our key alliance partners, including some the largest security vendors in the industry
•You will be working in a dynamic environment and engage with leading companies around the world.

Requirements
•Hands on experience in a Security Operations Centre
•Alternatively, consulting or advisory experience in Security Operations.
•Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing
•In-depth knowledge of at least one SIEM platform or security data lake and related processes
•Knowledge of various security tools, their functions and comparisons
•Knowledge of network and cloud security fundamentals
•Ability to explain complex technical concepts in business terms
•Extensive experience in report writing and presentation

Good to have:
•Previous experience in cyber project management
•Part of a large transformation and implementation project
•Hands on experience with ServiceNow and ServiceNow SecOps
•Experience with any other Incident Response or SOAR tool
•A network of other security professionals and relationships in the industry

Qualification and certifications (good to have but not mandatory)
•Bachelor degree in Information Security, Computer Science, Engineering, Technology or a similar degree
•Any SecOps related certifications, including security vendor certifications
•Good to have - at least one of the following certifications – CISSP, CISM, CCSP, GIAC certifications or an equivalent security certifications

About our team:


We are seeking an experienced Procurement professional to join our Corporates Operations Transformation team. Our team helps clients build leading practice capability across plan, source, make, move and sell - focussing on large corporate clients in the FTSE 100 and Fortune 500 businesses.


In the Procurement domain we are recognised as industry leaders by clients and analysts including:

• ALM Vanguard leader in Sourcing and Procurement Consulting
• A Spend Matters 50/50 Provider to Know
• A Leader in Business Consulting Services (IDC)


We are specifically seeking an individual with experience of procurement transformation programmes including digital / technology. The key services are outlined below:

Procurement Analytics


o Providing analytical services, including spend analysis, maturity assessments, opportunity assessments and Should cost modelling
o Supporting the quantification of potential savings and ongoing benefits tracking and realisation.

Procurement Transformation

o Assessment of a client’s existing procurement capability against leading practice
o Identifying procurement improvement areas across people, process and technology
o Developing Procurement Strategy and business alignment
o Defining new procurement operating models that enhance procurement value creation and return on procurement
o Evaluating insource / outsource for back- and middle-office as well as frontline services - including working in or delivering outsourced contracts
o Designing improvements in Procurement capability including through the introduction of leading practice procurement operating models, organisation redesign, procurement techniques, technology and processes
o Supporting our clients to implement improvements across the end to end Source to pay Process including business partnering, benefits realisation, procurement analytics, category management, sourcing, contract management supplier management and purchase to pay
o Producing and delivering structured training courses to upskill an existing procurement and supply chain team.

Digital Procurement Strategy


o Providing insight on the procurement technology market across Source to Pay, Supply Management, Analytics and Category Management
o Helping clients to develop a digital strategy for Procurement that leverages cloud based source to pay technology, advanced analytics, collaborative category management technology, robotics process automation and AI solutions
o Building a technology roadmap that drives speed to value for our clients
o Supporting the sourcing and evaluation of digital solutions to meet business requirements


Cost and Cash Optimisation


o Procurement analytics - Analysis of and insights from data (incl spend) to drive better decision making
o Identification of savings/value creation opportunities using a range of demand and supply side levers
o Delivering savings/value creation initiatives through strategic sourcing, contract improvement, outsourcing, supplier management, demand management, cash process improvement, contract audits and other approaches
o Tracking value to the client’s P&L and locking in benefits

Complex sourcing


• Leading complex sourcing including managed services in categories including Facilities, IT and Logistics
• Advising clients on the appropriate strategy for complex outsourcing including service and commercial models
• Planning and executing sourcing and vendor evaluation
• Planning and managing vendor transition and service transformation


As well as managing the delivery of these solutions, the senior manager will lead or support business development activity including:

o Generating sales
o Understanding client requirements and identifying how and where KPMG can add value
o Guiding and informing the development of new propositions and technologies through knowledge gained in the market
o Development of thought leadership and participation in brand-building and brand-awareness exercises
o Building client relationships at senior management levels in our key clients / sectors
o Developing proposals for clients and leading RFP responses
o Defining and executing marketing and sales campaigns
o Balancing both sales and deliver responsibilities


The Person

We are looking for someone with a strong Procurement background, however, it will be advantageous if they also have broader Supply Chain experience.Ideally you will have previous experience of consulting within Procurement and / or have a senior operational management background or similar role within procurement with skills developed across different markets and sectors.

Essential experience:


Digital Procurement Transformation Transforming procurement capability at large corporate clients using digital technology Understanding of the current procurement technology market and trends including providers such as Coupa, Ariba, Ivalua and Oracle Detailed knowledge of procurement processes – including: sourcing, category management, strategic sourcing, contract management, supply relationship management Purchase to Pay (P2P), Experience designing and implementing Procurement operating model changes Experience of change management in complex multi-business unit / multi-geography environments Experience of managing direct reports and / or project team.Additional experience:

Experience of complex cost reduction programmes across direct and indirect spend including, analysis, design and implementation Blue Chip, FTSE 100, Fortune 500 company experience Understanding of advanced procurement analytics techniques, tools and approaches Category knowledge of areas of direct and indirect spend Sector experience in Defence Detailed knowledge of procurement processes demand and supply planning, warehousing, distribution, S&OP, IBP and) procurement procedures.
Key Skills:

Selling, leading and delivering large, complex and transformational programmes and drawing on diverse solutions to successfully resolve client issues. Developing and maintaining excellent relationships with clients and evidence of an existing strong network of client relationships. Managing senior stakeholders up to board level. Recognised as an expert in Procurement and Supply Chain, with ability to provide credible technical insight to clients. Deep knowledge of the sector, and the key client issues. Experience of complex cost reduction programmes across direct and indirect spend including, analysis, design and implementation Experience of change management in complex multi-business unit / multi-geography environments Experience in sustainable procurement process improvement Experience designing and implementing Procurement operating model changes Demonstrating an ability to inspire and foster a sense of self belief in others. Leading and selling solutions drawn from across broader KPMG Advisory Services. Leading teams to deliver projects. Experience of managing direct reports and / or project team. Leading business development activity, developing business cases, and selling new opportunities. Demonstrating perseverance and tenacity, and the ability to communicate compelling and well thought out solutions to complex problems

The Role

Responsibilities:

To manage and develop external client relationships though direct business development activity and internal people/resource management. This will be achieved through:

• Leading client engagement teams and in some instances working as part of a multi-disciplinary team
• Providing a high quality advisory service to our clients
• Building and maintaining strong relationships with both new and existing clients as well as within KPMG
• Reserving for clients in the Lloyd’s / London Market, including for Lloyd’s Statements of Actuarial Opinion and Solvency II Technical Provisions
• Winning new business through marketing and sales activities
• Creation and contribution to high quality thought leadership through written publications, training events, client seminars and conferences
• Contributing to the development of new products and services
• Sharing knowledge and experience and contributing to the development of the team
• Marketing and raising the profile of KPMG
• A willingness to undertake travel will be required on occasion
Current Projects
• Multiple IFRS 17 impact assessments which have also led to IFRS17 implementation projects.
• Statements of Actuarial opinion
• Pricing assurance projects
• Providing assistance to Companies undertaking mergers and acquisitions
• Helping Companies with their capital models and advising on capital planning
• Provision of actuarial expertise to support our Audit colleagues


The Person

Qualifications and Skills:

The successful candidate is expected to be a qualified actuary.


Experience/Knowledge:

• The capability to manage concurrent engagements and play a part in shaping and implementing KPMG's tailored solutions.
• Must be able to produce deliverables to a high standard that are ready for final review, with a complete and comprehensive audit trail.
• Lloyd’s / London Market reserving or pricing experience
• Knowledge of the workings of the Lloyd’s market will be advantageous
• The ability to develop productive relationships that bring in business
• Strong technical and communication skills (both written and oral) and the ability to deal with clients and senior personnel from day one
• Flexibility and an enjoyment of working on challenging projects, and interacting with teams from other business groups
• Strong project and people management skills, and an ability to structure task allocations around critical goals
• Strong coaching skills to develop the capabilities of junior team members
• Advanced Excel skills.
• Knowledge of UK regulatory regime for non-life insurers.
• Knowledge of UK reporting methodologies, e.g. UK GAAP, IFRS, PRA Returns.
• Strong communication skills, both written and oral, and an ability to explain actuarial concepts to non-actuaries.
• A broad knowledge of non-life insurance products
Candidates with any of the following skills would be considered favourably:
• Modelling (eg Igloo, ReMetrica);
• Programming (eg VBA, .NET);
• Must be flexible and enjoy working on a wide range of projects.
• Experience gained within either a consultancy or company environment are both equally advantageous

This role is for London, Leeds or Manchester

The Role

Advising clients on the impact of changing requirements in provision accounting standards (IFRS9) and Basel credit risk capital requirements (IRB). This will model review and validation activities such as:

- Technical model development documentation review;
- Technical model validation documentation review;
- Assessment of model performance;
- Replication testing and Reviewing models’ against IRB regulatory requirements.

The individual will also be expected to perform technical analysis for workstreams within both IRB, IFRS9 and credit risk modelling engagements
The individual will also be required to apply their skills to a broad range of banking risk related issues supporting both regional and national propositions.

The Person

The individual would have the following:

- Extensive experience working within a credit risk model development/validation function within a bank or professional services firm
- Must have experience of managing a team of 2 or more people in a credit risk model development/ validation function
- Has experience in credit risk modelling techniques
- Knowledge and practical experience in at least one of IRB and/or IFRS9 risk models
- Has experience in all aspects of model development/ validation within Retail/ Wholesale banking
- Flexibility to work across the UK (and internationally) where required
- Relevant Sectoral experience – developing Retail/ Wholesale banking PD/EAD/LGD models
- Knowledge and experience of credit risk processes, governance and documentation

Qualifications & Skills:

- Ability to communicate risk/finance requirements of IRB and/or IFRS9 to the reciprocal function, i.e. risk to finance and finance to risk
- Ability to understand and execute programming code including SAS, R, Python
- Flexibility and agility to contribute in a senior capacity to a broad range of banking risk engagements
- Excellent oral / written communication, planning, project management, networking and influencing skills
- Flexibility to work across the UK (and internationally) where required