Digital Trust Cyber Defense Analyst

Gurgaon, Haryana, India

KPMG India

KPMG is a global network of professional firms providing Audit, Tax and Advisory services.

View company page

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. 

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.

Function: Risk Consulting – IT Advisory

Role:  Cyber Security- Eth-Hack

IT Advisory

Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either assurance (attestation) including ISAE 3402/SSAE 18 engagements and/or risk advisory including but not limited to IT audit supports in nature.


·        Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables.

·        Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status.

·        Risk Assessment, identification and Evaluation of Controls, capturing the same in Risk & Control Matrix.

·        Perform testing of IT Security Application Controls and Interface Controls, IT General Control review, Change Management, Access Control, Business Continuity and Disaster Recovery

·        Perform business process walkthrough and controls testing for ISAE 3402/SSAE 18 engagement.

·        Performing SOC 1, SOC 2 review for clients

·        Use knowledge of the current IT environment and industry IT trends to identify the engagement and client service issues, and communicate this information to the project manager.

·        Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables.

·        Demonstrate a thorough understanding of complex information systems and apply it to client situations.

·        Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed.

·        Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress.

·        Monitoring and Tracking for Budget and Time Estimates on engagements.

Skill Set:

Technical Skills:

·        Vulnerability Assessment (VA)         

·        Penetration Testing (PT)

·        Web Application Security

·        Knowledge of security assessment tools e.g. Nessus, Acunetix, Appscan, nmap etc.

·        Knowledge of Operating systems preferably Linux / UNIX (IBM IAX, Sun Solaris, HP UX etc.) and network equipments

·        System and Network Hardening

·        Network Security Architecture Review

Process Skills:

·        Information Security Management System

·        Business Continuity Planning (BCP) / Disaster Recovery (DR) Planning

·        Development of Policy & Procedures

·        Information Security Reviews

·        Risk Assessment & Management


·        CISSP

·        CISA / CISM

·        CEH

·        ISO 27001 LA / LI

·        BS 25999 LA / LI or CBCP

·        CCSP


·        0-2 years experience in the related field, preferably with a consulting firm and in a Banking or Telecom domain or any domain

·        Either one of the above certification, preferably CISSP or CISA / CISM

Business Development

·        Managers shall be significantly involved in business development – lead generation till closure. They are expected to possess considerable client relationships which could lead to business opportunities. They may be assigned a market/geography/solution/account or a set of clients for business development. They shall be responsible for generating an agreed amount of revenue for the year

·        Proactively does sales oriented reporting during projects. These would include identifying possible business opportunities for various practices within KPMG

·        Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge

Thought Leadership

·        Contribute to solution development

·        Possess good business acumen. Remain current on new developments in advisory services capabilities and industry knowledge. ADs are expected to be part of industry forums

·        Participate in practice initiatives and at times lead such initiatives such as knowledge management or thought leadership


People Related

·        During the course of your work, you will be expected to be a people leader for your department/location and to also manage a team in terms of staffing, appraisals etc.

·        Coordinating in developing the practice (people / clients and skills)

·        Plays role of a performance manager for junior staff. Is actively involved in training, coaching and mentoring of his/her team


Equal employment opportunity information 

KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
Any Technical Graduate
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Application security Audits Banking CCSP CEH CISA CISM CISSP Cyber defense ISO 27001 Linux Monitoring Nessus Network security Nmap Pentesting Risk assessment Security assessment SOC SOC 1 SOC 2 Solaris UNIX

Perks/benefits: Career development

Region: Asia/Pacific
Country: India
Job stats:  17  7  0
Category: Analyst Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.