About the job
Job Title/position
Supervisor – Cyber Defense (Technical)
Number Of Positions
Johannesburg: 1
Function And Business Unit
Advisory – Risk Consulting: Technology Assurance (Cyber Security)
Description Of The Role And Purpose Of The Job
KPMG is currently seeking a supervisor to join our Cyber Security consulting and assurance practice. Cyber Security is part of the wider Technology Assurance unit.
The KPMG Cyber Security practice is one of our fastest growing practices. We are seeing tremendous client demand, and looking forward we don't anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and market leading tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Technology Assurance.
You Will Be Exposed To a Range Of Exciting Projects Across Industry Sectors And Service Lines Including
Working with KPMG you will consult on client projects, translating business and customer needs into innovative business and technology solutions. You will identify changes and recommend solutions that will typically involve a combination of cyber strategy and security excellence outcomes.
Driving the linkage between business strategy and cyber security (and vice versa), to deliver meaningful outcomes
Defining the technology strategy to create new streams of value in a business, and defining associated technology execution roadmaps
Designing innovative technology solutions for improving cyber security posture and advising on reducing cyber risk
Identifying and assisting clients in meeting compliance requirements for and through cyber security
Assisting in program management or assurance for shaping and defining security programs and embedding cyber security in wider digital or business programs
Working closely with the local team and member firms to bring innovation to our existing capabilities to help KPMG remain at the forefront of strategy, operational excellence and technology practices and thinking
As part of the role you will be expected to have detailed knowledge of security technologies and their application to addressing business challenges. The focus will be on delivering high quality engagement outcomes for our clients and maintaining productive client relationships that allow you to build strong professional networks over time.
We believe in diversity of thought, background and unique experience. You need to have a solid background in technology as well as consulting. You're passionate about technology and innovation, finding novel approaches to solve problems. You thrive in a collaborative and innovative culture and want to join a firm that values problem solvers, the kind of people who reimagine the possible for their clients and key stakeholders.
We are looking for people in this role with a passion for and / or experience in the following areas:
Experienced in cyber security strategy, planning and implementation
Strong IT and cyber security technology acumen
Thorough knowledge of standards such as NIST, ISO 27001 and other applicable industry requirements
Experience in automation of compliance and assurance is desirable
Knowledge of application and security architecture on conventional on-premise and cloud stacks (IaaS, PaaS, SaaS)
Abreast of major technology trends, innovations and their practical (or potential) application
Approaches to technology governance and innovative ways of working
Excellent documentation and report writing skills
Key Responsibilities
Play a key role as subject matter expert in the business for specific technology domains.
Perform Vulnerability assessments of Web applications, APIs, Networks, Mobile applications, Desktop, and Cloud infrastructure based on leading security frameworks such as OWASP and CREST
Perform Penetration testing, including infrastructure, wireless and applications. This includes related activities such as Malware Analysis, Social Engineering, Reverse Engineering, Database Security, Network Security and Threat Modelling.
Perform security architecture assessments and configuration reviews on on-premise and cloud environments.
Provide guidance on security architecture, assisting clients with reducing their attack surface and optimizing their cyber defensive capabilities to adapt to modern threats.
Take responsibility for delivering high quality deliverables and outcomes for our clients. Ability to work well both as an individual and in a broader team environment, in line with our KPMG values.
Analyse, workshop and present insights and recommendations enabled by strategic thinking, technical knowledge and strong and clear communication skills.
Demonstrate an ability to translate complex technical results into business language through professional report writing.
Knowledge of current and emerging IT security technologies.
Maintain awareness of latest and common security threats, attack vectors and TTPs.
Ability to diagnose and troubleshoot deep technical issues.
Guide and coach junior team members in line with growth ambitions and required quality standards
Skills And Attributes Required For The Role
Demonstrate a strong grasp of business processes and risk management in areas such as cyber security, cloud computing, identity management, security compliance, technology risk management, and others
Knowledge of enterprise IT environments, cloud platforms and governance processes. The candidate must be proficient with technology platforms and communicate this information to the engagement team and client management through written correspondence and verbal presentations.
Plan and execute client engagements focusing on assessment, review, design and/or implementation of security strategy; identify improvement opportunities in the areas of process efficiency and security including role-based security and identity and access management based on KPMG's methodology
Identify and evaluate complex business and technology risks and remediation methods to mitigate risks
Contribute to practice growth by leading solution design and innovation related to cloud security platforms
Minimum requirements to apply for the role (including qualifications and experience):
A minimum of 3-5 years of hands-on experience in Cyber/Information Security or in a technology related field.
Bachelor's degree from an accredited college/university or equivalent experience.
Security related certifications such as CEH or CompTIA PenTest+. Ideally, the candidate will be working towards an advanced security certification (for example OSCP).
Demonstrable track record in security research / training. Presence on GitHub, HackTheBox, TryHackMe, etc. will be advantageous.
Excellent written and verbal communication, facilitation, and presentation skills
Ability to travel, subject to regulations
Consulting experience from a well-established consulting practice preferred