Search for your next opportunity.
Associate / Senior Associate - Cyber Defense - TRC (Petaling Jaya)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Associate / Senior Associate - Cyber Defense - TRC
Grade
Experienced
Department
Tech, Risk, Cybersecurity
Descriptions
The Cyber Defense Senior Associate role will be working in the Cyber Defense Services (CDS) Team within our Technology Risk and Cyber practice. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.
Responsibilities
This role must have skills and experience in Red Teaming, Web Application testing, Mobile Application testing, and Infrastructure testing and would be part of an engagement team : - Perform manual penetration tests of websites, APIs, web services, infrastructure, networks, IoT - Devices, and mobile applications to discover and exploit vulnerabilities; - Assist technical leadership, share advice with team members on attack and penetration test engagements; - Plan and execute offensive security engagements through penetration testing, red team operations, social engineering, physical security assessments, web application assessments; - Perform offensive cyber security engagements simulating adversaries during red team operations leveraging adversarial Techniques, Tactics and Procedures (TTPs); - Evaluate the security posture of third-party integrations and partnerships; - Translate red team engagement findings into actionable items for both technical and executive audiences; - Converse with non-technical audiences and articulate both scoping conversations as well as report read-outs; - Guide technical audiences on remediation options, and assist them in weighing those options; - Partner with the Cyber Defense teams to develop new testing techniques, automation for testing and marketing collateral to support the practice; - Document detailed steps on tools and techniques in performing tests; and - Document lesson learnt after performing tests.
Requirements
- Bachelor’s degree /Diploma in an appropriate field from an accredited college/university; - The candidate must have 3 to 5 years of relevant experience in a similar role, preferably in a professional services organization; - At least 3 years of experience with using these penetration tools to perform security tests: - NetSparker/Acunetix - ZAP - Veracode - Kali Linux - BurpSuite - Nikto - Knowledge of using orchestration and automation solutions in managing campaign and results - Major ethical hacking certifications: - CEH - GPEN - CREST - OSCP, OSWE, OSWP - CREST CRT, CPSA
Manager - Cyber Defense - TRC (Petaling Jaya)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Manager - Cyber Defense - TRC
Grade
Experienced
Department
Tech, Risk, Cybersecurity
Descriptions
The Cyber Defense Senior Associate role will be working in the Cyber Defense Services (CDS) Team within our Technology Risk and Cyber practice. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat.
Responsibilities
- Oversee planning, design, implementation, testing, and operation of cyber security processes and systems. - Provide guidance on security architecture for threat detection and response systems used as a part of the overall security operations and fusion centers. - Perform offensive cyber security engagements simulating adversaries during red team operations leveraging adversarial Techniques, Tactics and Procedures (TTPs); - Managing the Cyber Defense serviceline consisting of vulnerability scanning, applications security, enterprise vulnerability assessments, social engineering, physical security assessments, web application assessments, remediation management, and penetration testing. - Define vulnerability assessment and penetration testing policies and standards in alignment with firm mission and direction. - Work with the security governance, risk, and compliance capability to ensure vulnerability scanning incorporates controls and compliance requirements. - Oversees the development and enhancement of Cyber Defense / Offensive Security services to include process and collaboration improvements. - Develop next generation threat detection solutions leveraging machine learning and AI. - Present firm-based approaches and messaging at internal training classes, external events, and client meetings. - Malware reverse engineering.
Requirements
- 8-10 plus years of security experience preferable and 2 plus years of IT experience preferable - Bachelor's Degree in Computer Science, Computer Networking, or Computer Security or equivalent - Experience of leading highly skilled teams in pressured, complex environments - Expert knowledge of Vulnerability Management Systems such as Qualys, Nessus, Rapid7, NetSparker/Acunetix, ZAP, Veracode, Kali Linux ,BurpSuite ,Nikto etc. - At least 2 Major ethical hacking certifications e.g., CEH, OSCP, OSWE, OSWP, GPEN, CREST, GCIA, GCIH, OCSP, CISSP - Exceptional interpersonal, team building, mentoring, and leadership skills with a demonstrated ability to gain the confidence and respect of senior level executives - Ability to travel and work in a fast paced, results driven environment, grasp new technology, and contribute at a rapid pace
Manager – Enterprise Risk Management - GRCS (Petaling Jaya)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Manager – Enterprise Risk Management - GRCS
Grade
Experienced
Department
Governance, Risk and Compliance Services
Descriptions
As a Manager, you will manage and drive client projects and engagements focusing on risk advisory services. Participate in client engagements and maintain close client working relationship. Provides technical knowledge, coaching and supervise team members. Ensures effective engagement management by achieving the required realisation, revenue and profitability targets. You will contribute towards business development, client proposals and deliverables.
Responsibilities
- Lead, manage and participate in risk advisory engagements and projects. - Lead and participate in internal audit advisory assignments or engagements. - Formulate practical recommendations and better practices to improve governance, risk and compliance processes. - Review work performed by Associates with regards to risk advisory engagements and projects. - Participate and conduct client meetings (kick off, progress and closing meetings). - Report writing and review reports. - Take part in business development activities, i.e., assist in client proposals, preparation of engagement contract and presentations. - Assist in the development of our service offerings.
Requirements
- You should have good grasp of pertinent risk management standards, risk management framework and practices as well as knowledge in internal audit practices. - Relevant experience or familiar with sustainability/ ESG. - Sound knowledge of industry issues and emerging risks. - Proven experience effectively prioritising workload and project manage to meet deadlines and work objectives. - Demonstrate the ability to present and write clearly, succinctly, and in a manner that appeals to a wide audience. - Good team player and ability to provide coaching and guidance. - Ability to lead and motivate teams. - Excellent interpersonal, communication and presentation skills. - High analytical and rationalization ability. - Ability to manage deadlines and prioritize tasks.
Audit Assistant Manager (Johor Bahru)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Audit Assistant Manager
Grade
Experienced
Department
Audit Assurances
Descriptions
In today’s world, audit is no longer just about compliance. It is about cutting edge and risk based methodologies and knowing what is happening in the outside world. Our Assurance practice helps add value to clients through audit, management assurance, advisory and information risk management services. Integrity, quality and independence are the building blocks of KPMG’s approach. Fundamental to a risk-based audit approach, we understand the way our clients run their businesses and drive their performances and the way this impacts their financial statements. KPMG’s extensive experience and proprietary tools have enabled us to provide seamless service to clients across industry sectors and geographical boundaries.
Responsibilities
- Working in teams to acquire an in-dept understanding of our client’s business. - Carrying out the audit based on audit planning, prepare appropriate audit work papers. - Understanding the relationships between objectives of the audit sections, the need for the sufficiency of audit evidence, and presentation of the conclusions
Requirements
- Degree holders majoring in Accounting or Accounting & Finance from leading universities and professional qualification are encouraged to apply - Strong managerial potential, good analytical skills and the ability to established excellent client and staff relations - Must be able to work independently as well as lead and work in a team - Minimum 3 years’ of audit experience
Audit Manager (Johor Bahru)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Audit Manager
Grade
Experienced
Department
Audit Assurances
Descriptions
In today’s world, audit is no longer just about compliance. It is about cutting edge and risk based methodologies and knowing what is happening in the outside world. Our Assurance practice help add value to clients through audit, management assurance, advisory and information risk management services. Integrity, quality and independence are the building blocks of KPMG’s approach. Fundamental to a risk-based audit approach, we understand the way our clients run their businesses and drive their performances and the way this impacts their financial statements. KPMG’s extensive experience and proprietary tools have enabled us to provide seamless service to clients across industry sectors and geographical boundaries.
Responsibilities
- Managing audit engagements which include initial engagement planning, analysis of controls and processes, preparation and review of audit documentations and management letters and reports and monitoring of engagement progress against budget and timeline. - Developing and maintaining long-term client relationship and identifying business development opportunities. - Coaching and developing team members to achieve technical competencies and efficient performance.
Requirements
- Degree holders majoring in Accounting or Accounting & Finance from leading universities and professional qualification are encouraged to apply - Proven auditing competencies with a minimum of 5 years’ relevant working experience - High technical ability, excellent interpersonal skills and strong leadership qualities
Tax Consulting Assistant - Global Mobility Service (Petaling Jaya)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Tax Consulting Assistant - Global Mobility Service
Grade
Graduate
Department
Global Mobility Services
Descriptions
KPMG GMS Practice offers a broad range of professional services which include Malaysian personal tax services, Malaysian tax consulting and related services as well as Malaysian immigration services. We help multi-national companies and big local companies in managing the employee taxes and employer tax reporting obligations for the inbound and outbound assignees. Our GMS professionals are well trained to render value added advice to our clients
Responsibilities
- Preparing individual tax computations and tax returns for timely submission to the tax authorities. - Assisting tax consultants in managing job portfolio and related assignments. - Liaising with the tax authorities on finalization of tax matters. - Working as a team on specific client engagements/ advisory projects.
Requirements
- A recognized university degree or a professional qualification in Accounting/Finance/Business or related disciplines. - Good working knowledge of Microsoft Office applications such as PowerPoint, Word and ExceI - Initiative and proficient in English and Bahasa Malaysia and possess written and, verbal communication as well as interpersonal skills - Must be able to work independently as well as in a team. - Fresh graduates are encouraged to apply.
Assistant Manager/Manager - Forensic Services (Petaling Jaya)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Assistant Manager/Manager - Forensic Services
Grade
Experienced
Department
Forensic Services
Descriptions
KPMG Forensic offers robust, practical advice, helping our clients dealing with: - Fraud, misconduct and corruption investigations - Commercial disputes advisory and litigation support - Digital evidence recovery - Regulatory compliance - Anti-money laundering & sanctions services - Intellectual property and contract governance - Fraud risk management and fraud detection KPMG Forensic aims to provide our clients with the tools and services they need to keep on top of the major risks they face. https://home.kpmg.com/my/en/home/services/advisory.html
Responsibilities
- Work with the team to provide high-quality, professional day-to-day execution of compliance or internal control engagements and projects in line with the Firm’s risk management practices for clients across wide range industries. - To champion technical expertise and provide robust and value-added advice to clients. - Support Anti-Money Laundering (“AML”) compliance reviews, health checks and KYC remediation engagements and take responsibility for supervising the engagement team. - Lead the team in overall AML and Sanctions related engagements such as gap assessments, compliance monitoring, delivering AML trainings, developing or enhancing AML policies and procedures for clients and performing system validations. - To contribute to client service teams as a high-level technical expert to strengthen design and delivery of solution. To lead key client relationships. - Assist with the opportunity / engagement management process; from proposal preparation, budgeting, completing risk management formalities and reporting. - Perform engagement planning, scheduling, coordination and administration of engagements as well as ensuring execution of work as per the agreed scope of work. - Identify control / performance improvement opportunities for clients and communicate findings to the person in charge of the project. - Produce quality working papers and assist in drafting reports. - Maintain professional and positive client interaction and relationships. - Assist in marketing activities and in developing the Forensic practice. - Contribute to personal and overall team development, through staying up-to-date with AML related news and regulatory developments. - To contribute to the identification, development and management of talent across service line. - To develop and generate new business for the service line and the firm. To develop and sustainable client relationships for the service line and the firm.
Requirements
- Candidate must possess at least a Bachelor’s Degree in Accounting; Economics; Finance; Business Administration; Financial Risk Management, Law or any other equivalent qualifications. - A minimum of 5 Years relevant experience in advisory firm (Big 4, mid-tier or general consultancy) or working experience in Compliance/AML (managing the overall AML/CFT framework) in a Financial Institution / Regulatory Body. - Sound technical knowledge of AML/CFT and Sanctions. - Demonstrate good analytical and problem-solving skills, experienced in managing projects, self-motivated and possess an inquisitive mind. - Excellent written and oral communication skills, technical and business writing and presentation skills Computer skills is a must, specially well versed with Word, Excel and PowerPoint. - Candidate must have CAMS / ICA or an advanced AML Certification. - Familiarity with AML Solutions, Fraud Risk Management Solutions, Data Analytics, and any Programming Languages is an added advantage.
(TRC) Senior Associate / Assistant Manager - Cyber (Petaling Jaya)
Closing Date: Dec. 31, 2024
Position Details
Job Title
(TRC) Senior Associate / Assistant Manager - Cyber
Grade
Experienced
Department
Tech, Risk, Cybersecurity
Descriptions
In this role, we are looking for a person who can demonstrate a good technical background and has a desire to improve and learn new knowledge. When not responding to incidents, you may be helping our clients build their in-house incident response capabilities, which could include building and developing cyber-response tools, authoring and adapting runbooks and playbooks, assessing the incident response maturity, and assisting in table-top cyber-scenario exercises. When not working with clients, you will be researching, sharing, and maintaining knowledge on the latest attack and threat actor trends, as well as researching and testing the latest threat detection solutions and developing in-house tools. Above all, KPMG is looking for someone who is passionate about helping our clients with their cyber security challenges, often at a time of critical need. In return, we are committed to helping you to enjoy the role and develop your skills and career within the KPMG with the objective of progressing into a senior leadership role.
Responsibilities
• Investigate cyber security incidents for our clients, working closely with the cyber response lead. • Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). • Keeping up with the latest cyber threats and being able to advise clients on the threat landscape and threats that may impact them. • Recognize common attacker tools, tactics, and procedures. • Participate in the development of KPMG’s in-house cyber-response tools. • To comply with KPMG information security objective and adhere to all relevant policies, procedures, and guidelines. • For senior level, project management involvement is required. • Perform other duties as and when required.
Requirements
The successful candidate will demonstrate competency in computing and networks as well as in cyber-security either by having the relevant work experience, completed a degree or obtained industry relevant certification. Therefore, the qualifications below should be seen as means to demonstrate competency and not as a requirement. The desired skill and qualification is provided below:
• 3-5 years of direct experience in digital forensics, incident response, malware analysis or security operations (SOC).
• Good team player with the ability to fulfil tasks within a set time frame.
• Demonstrated critical thinking and problem-solving abilities.
• A strong desire to learn more about information security and a commitment to professional growth.
• Excellent communication skills (both written and oral).
• Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
• Working programming skills set to be able to author and develop tools.
• Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics.
• Working knowledge of the Cyber Kill Chain Model and MITRE ATT&CK Matrix and how each methodology can be applied.
• Sound knowledge of industry computer forensic tools such as X-Ways, EnCase, FTK, AXIOM, XRY and/or Cellebrite
• Sound knowledge in preservation of digital evidence (logical, physical, cloud, encrypted devices).
• (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
• Sound knowledge of security tools such as SIEM, firewalls, IDS/IPS, proxies, AV is preferred.
Qualifications and Education requirements
• Minimum qualifications required: B.E/B. Tech or Equivalent
• Excellent communication skills and project management skills.
• Must have Digital forensics certificates such as:
- Certified Digital Forensic Examiner (CDFE)
- GIAC- GIAC Certified Forensic Examiner (GCFE)
- CREST certified malware reverse engineer (CCMRE)
- GIAC Certified (Network) Forensic Analyst (GNFA)
• Must have Incident management certifications such as:
- CREST certified incident manager (CCIM)
- GIAC Certified Incident Handler (GCIH)
• (Preferred) General information security certificates such CISSP, CEH , CHFI etc.
Internship - ITET (Petaling Jaya)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Internship - ITET
Grade
Internship
Department
Information Technology Enabled Transformation
Descriptions
KPMG strives to gain a thorough understanding of our clients’ business goals to help ensure the way technology is used drives growth, and improves business performance whilst retaining operational integrity. We help some of the world’s largest organizations identify and secure the maximum benefit from their technology enabled programmes. By operating as integrated teams of business and technical specialists, we reflect the high degree of interdependency between the performance of our clients ’business functions and the underlying technology. By doing this we capture the business benefits, rather than providing a purely technical solution.
Responsibilities
- Support project Manager or work-stream leader to execute the project plan to achieve project KPIs. - Support the Business Development team in proposal writing and development of sales presentation and research. - Plan and perform research and analysis in accordance to project requirements. - Support Project Manager in project monitoring and execution. - Support Project Manager in preparing and maintaining project documentation.
Requirements
- Independent, self-motivated, organized, and results oriented individuals. - Ability to multiple tasks and meet tight deadlines. - Strong analytical and management skills. - Good command of English. - A combined understanding of both Information Technology and Business. - Good working knowledge of Microsoft Office applications. - Minimum CGPA of 3.0 above/WAM 60/2nd Class Upper.
Departmental Secretary – Strategic & Operations (Petaling Jaya)
Closing Date: Dec. 31, 2024
Position Details
Job Title
Departmental Secretary – Strategic & Operations
Grade
Graduate
Department
Strategy and Operations (Management Consulting)
Descriptions
Responsible for performing a variety of administrative, secretarial and clerical duties and to run their superiors’ office efficiently.
Responsibilities
- Takes and transcribe moderately complex and/or confidential dictation such as compiling reports, furnishing information, preparing agendas, responding to routine correspondence and researching background materials. - Scheduling meetings and appointments, organizing and maintaining paper and electronic files. - Providing information via the telephone and dealing with incoming and outgoing correspondence. - Organizing and supervising filing systems. - Preparing monthly report on staffs utilization and productivity. - Preparing monthly report on billing, collection and debtors. - Preparing monthly report on engagement status monitoring. - Assists Partner and Management team in their monthly claims submission. - Assists new joiners to the department. - Assists in making all the work-related Travel, Visa and Insurance Arrangements for the team members in the department. - Monitor and record the status of assets under the department. * Fill up Partner and Executive Director timesheet on weekly Basis. * Manage Partner Calendar and appointments.
Requirements
- Diploma in Secretarial studies, PSC or its equivalent. - At least 2 years’ professional secretarial experience with strong administrative, and organizational skills. - Meticulous, trustworthy and responsible with interest and capability in handling multi- functional/routine tasks. - Excellent interpersonal and communication skills. - Able to interact with the people at all levels. - Independent and able to work under pressure. - Must be proficient (written and spoken) in English. - Computer literate, knowledge in MS Office and Internet savvy. - Able to handle private and confidential matters.