Job Title
Manager - Cyber Defense - TRC
Grade
Experienced
Department
Tech, Risk, Cybersecurity
Descriptions
The Cyber Defense Senior Associate role will be working in the Cyber Defense Services (CDS) Team within our Technology Risk and Cyber practice. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.
Responsibilities
- Oversee planning, design, implementation, testing, and operation of cyber security processes and systems.
- Provide guidance on security architecture for threat detection and response systems used as a part of the overall security operations and fusion centers.
- Perform offensive cyber security engagements simulating adversaries during red team operations leveraging adversarial Techniques, Tactics and Procedures (TTPs);
- Managing the Cyber Defense serviceline consisting of vulnerability scanning, applications security, enterprise vulnerability assessments, social engineering, physical security assessments, web application assessments, remediation management, and penetration testing.
- Define vulnerability assessment and penetration testing policies and standards in alignment with firm mission and direction.
- Work with the security governance, risk, and compliance capability to ensure vulnerability scanning incorporates controls and compliance requirements.
- Oversees the development and enhancement of Cyber Defense / Offensive Security services to include process and collaboration improvements.
- Develop next generation threat detection solutions leveraging machine learning and AI.
- Present firm-based approaches and messaging at internal training classes, external events, and client meetings.
- Malware reverse engineering.
Requirements
- 8-10 plus years of security experience preferable and 2 plus years of IT experience preferable
- Bachelor's Degree in Computer Science, Computer Networking, or Computer Security or equivalent
- Experience of leading highly skilled teams in pressured, complex environments
- Expert knowledge of Vulnerability Management Systems such as Qualys, Nessus, Rapid7, NetSparker/Acunetix, ZAP, Veracode, Kali Linux ,BurpSuite ,Nikto etc.
- At least 2 Major ethical hacking certifications e.g., CEH, OSCP, OSWE, OSWP, GPEN, CREST, GCIA, GCIH, OCSP, CISSP
- Exceptional interpersonal, team building, mentoring, and leadership skills with a demonstrated ability to gain the confidence and respect of senior level executives
- Ability to travel and work in a fast paced, results driven environment, grasp new technology, and contribute at a rapid pace