Search results for "Forensic"
Cyber Security Incident Response - Assistant Manager
Service Line: RC Technology
Planner/Project Controls Engineer IAG (Assistant Manager)
Service Line: Corporate Finance
The role will be working in the Cyber Response Services (CRS) Team within our Risk Consulting practice. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.
This is a hands-on role with opportunities to grow into management. The successful candidate is expected to manage cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s proprietary in-house toolkit.
In this role we are looking for a person who can demonstrate strong technical background, experience in incident response and digital forensics and is looking to grow skills and experience. You will be expected to lead one or two analysts to achieve a task in a project, as well as have the opportunity to work with, and learn from, our most experienced team members as part of your continuous development.
When not responding to incidents, you will help our clients to build their in-house incident response capabilities, which will include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, assisting in table-top cyber-scenario exercises.
We will welcome applications from candidates with a good competency in incident management, but with a developing competency and keen interest in digital forensics, or vice versa. KPMG will provide training and coaching to help you continually improve your skills. Strong technical competency (intermediate systems administration skills and programming skills to develop tools), however, is a pre-requisite.
Our clients expect that cyber-incidents will be tackled with urgency; therefore, there is an expectation that you will be flexible in terms of working hours. In return, KPMG will offer flexible working hours and work from home days for employees who have demonstrated reliability in delivery. For example, if you are writing a post-mortem report or working on a run-book, you can do so from home.
Above all, KPMG is looking for someone who is passionate about helping our clients with their cyber security challenges, often at a time of critical need. In return, we are committed to helping you to enjoy the role and develop your skills and career within KPMG.
• Help manage and co-ordinate cyber security incidents for our clients, working closely with the incident management lead within the team.
• Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
• Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them.
• Develop KPMG’s in-house cyber-response tools.
• Help assess client incident response capability maturity.
• Help stand-up or improve clients’ own incident response capabilities.
• Help with project management of engagements to deliver high quality work in a timely manner, including:
• Basic financial management
• Engagement and risk management
• Production and review of deliverables.
• Liaising with clients on delivery, implementation and sales issues.
This position is well suited for an individual with 3 to 5 years of experience in cyber-security and incident response. For example: a very common type of incident is ransomware on a single workstation/laptop. You should be able to guide a client through a structured incident response process – triage, containment, eradication and recovery. If you are provided with forensic data such as a disk image, memory image and network data capture or proxy logs, you should be able to identify malware artefacts and the source of infection, and use online research to identify the malware family.
• A broad understanding of the cyber security threat landscape.
• Strong technical background in computers and networks, and programming skills.
• Experience of dealing with cyber security incidents and associated response measures.
• Experience of being part of an incident response team, either holding a formal role, or being able to evidence your personal contribution to the team.
• Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
• A genuine interest and desire to work in the information security field.
• Standing and positive reputation in the information security community is seen as a plus.
Qualifications and Skills:
The successful candidate will demonstrate competency in computing and networks as well as in cyber-security, either by having the relevant work experience, having completed a degree or having obtained an industry-relevant certification. Therefore the qualifications below should be seen as a means to demonstrate competency and not as a requirement. The desired skills and qualifications are provided below:
• Excellent communication skills (both written and oral) and project management skills.
• Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
• Working programming skill-set to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skillsets across languages.
• Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
• Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
• Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
• Experience with and understanding of enterprise Windows security controls
• (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
• (Preferred) General information security certificates such as CISSP, CISM or CISA.
• (Preferred) Incident management certifications such as:
• CREST certified incident manager (CCIM)
• GIAC Certified Incident Handler (GCIH)
• (Preferred) Digital forensics certificates such as:
• CREST certified registered intrusion analyst (CRIA)
• CREST certified network intrusion analyst (CCNIA)
• CREST certified host intrusion analyst (CCHIA)
• CREST certified malware reverse engineer (CCMRE)
• GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
• (Preferred) A current government security clearance (SC/DV) or willingness to acquire such a clearance will be seen as an advantage.
KPMG’s Infrastructure Group in the UK consists of c150 professionals and is widely recognised as one of the world’s leading independent business, financial and regulatory advisers in infrastructure. The group has won many awards, including Financial Advisor of the Year (Infrastructure Journal) for several years. The group has locations in London, Birmingham, Edinburgh, Leeds and Manchester, but is organised on a national basis, operating under a single national team.
You will be joining a team of experts with deep industry experience in major projects and programmes delivery. As an Associate/Assistant Manager you will support our Major Projects Advisory Integrated Controls' practice in the delivery of high quality services to top tier public and private sector clients including government agencies, contractors, industry associations, developers, investors and asset managers, by bringing planning, scheduling and project controls expertise to the team.
Description of the role:
- Carry out planning reviews and advise clients on appropriate planning techniques and good practice.
- Work with clients to develop overarching project or programme plans and integrated strategic schedules.
- Support in carrying out the maturity assessments of clients' planning capability and providing recommendations on improvement areas.
- Carry out schedule forensic analysis to determine delay causations.
- Perform schedule modelling and scenario based analysis.
- Perform qualitative and quantitative schedule risk assessments using industry-led tools.
- Perform quality assurance and audit of schedules.
- Play a supporting role in business development initiatives, including presentations, client meetings, and contributing to practice development initiatives.
Leadership & Management:
The role involves managing people to drive an output and may involve managing direct reports internally and/or within the client
Stakeholders Interactions & Challenges
The role will be expected to work across KPMG functions as well as with clients, and will be required to build and maintain strong relationships by working collaboratively and effectively managing these relationships.
Impact, Risk, Accountability & Governance
The candidate will represent KPMG in front of clients; our values need to be aligned and our inclusive ways of working well represented. Failure of the candidate to uphold our values could damage client relationships and/or impact on repeat opportunities.
- Subject matter expert in project planning and scheduling.
- Experience across major infrastructure project development and delivery in the public and private sectors.
- Solid project controls/project engineering and/or risk management experience.
- A Bachelor's degree and a Master's degree with preference in Engineering
- Understanding of operating models, policies, procedures and governance to support successful programme and project delivery.
- Experience in Transport, Defence or Energy sector
Technical role requirements:
- Advanced Microsoft Office
- Primavera P6, MS Project
- Primavera Risk Analysis
- Acumen Fuse Analysis
- Monte Carlo simulation
- Strong analytical, interpersonal and communication skills
- Ability to bring complex concepts to life for a non-specialist audience
- Stakeholder management
- Ability to quickly assimilate and apply new techniques and knowledge
- Proactive and able to work with minimal supervision.