Cyber Security Consulting, Associate/ Senior Associate
job description
At KPMG, your long-term future is every bit as important to us as it is to you. That's why our aim is to give you experiences that will stay with you for a lifetime. Whether it's great training and development, working across functional sectors, mobility opportunities or corporate responsibility volunteering activities - you'll gain a wealth of experiences on which to build a rewarding career. We're proud of our culture - it's one that recognises hard work, encourages new ways of thinking and embraces diversity and inclusion. We have an innovative spirit which inspires what we do and how we do it - striving to be better lies at the heart of who we are.
Technology underpins many of the most influential organisations in the world and presents opportunities for businesses that want to seek out new markets and are prepared to invest in transformational change. The last ten years have seen a rapid emergence of new technology, greater connectivity for organisations and individuals, and a 24/7 approach to global commerce. However, this has left many organisations behind the curve and struggling to achieve their business aspirations without feeling exposed to risks. We believe that by turning traditional thinking on its head, adopting a positive approach to managing risk, will set organisations free to achieve their business aspirations.
KPMG Cybersecurity professionals assist clients to address their concerns around Confidentiality, Integrity, Availability and Privacy of their technology, business systems, and information assets. Using a holistic view of how Technology and Business integrate, the Cyber team performs technology-risk focused assessments, technology compliance, IT/operational process reviews, and design of information risk &
cyber security solutions.
Cyber team members regularly interact with C-Suite clients, such as Chief Executive Officer (CEO), Chief Information Security Officer (CISO), Chief Information Officer (CIO), Chief Operating Officer (COO), Chief Risk Officer (CRO) and their direct reports. Hence, a client centric mind-set, understanding of IT within a Business context, and well-developed communication skills are desirable.
The role involves:
- Stakeholder Interaction:
Collaborate with key stakeholders through interviews and workshops to gain insights into their business profiles, cyber security needs, and strategic goals. - Policy Evaluation:
Analyse current policies, standards, and procedures to assess the client's cyber security capabilities. - Security Assessment:
Evaluate the client's cyber security maturity and regulatory compliance by applying industry standards like the NIST Cyber Security Framework, ISO27002, CIS Critical Security Controls or other Cyber Security best practices. - Strategic Recommendations:
Formulate actionable recommendations to bridge gaps and design a strategic roadmap aimed at enhancing the client's cyber security maturity, resilience and regulatory requirements. - Proposal Support:
Contribute to the development of proposals and presentations to effectively communicate strategic recommendations to clients.
The ideal candidate should possess:
- Degree in technology, engineering, or business studies with information systems major/minor along with deep interest in technology risk, security and IT governance will be considered
- Minimum 1 to 3 years of consulting experience in IT risk assessment or IT security
- Good knowledge on new developments in cyber services capabilities and industry knowledge
- Good working knowledge of information security principles, techniques and standards
- Professional certifications such as CISSP, CRISC, CISA, CISM, PMP or other relevant qualifications
- Driven to learn new things and share knowledge with your clients and colleagues
- Strong analytical, problem-solving and interpersonal skills
- Excellent written and oral communication skills with the ability to present ideas and results to technical and non-technical audiences
Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only.
At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge:
Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.