Cyber – Incident Response - Business Resilience - Consultant to Director
KPMG AustraliaKPMG is a global network of professional firms providing Audit, Tax and Advisory services.
Consultant to Director
Salary Range 60k to 180k+
The role will be working in the Cyber Incident Response Team within our Forensic practice. Cyber security is one of the areas which KPMG has identified for tremendous investment and growth. Our clients face a challenging cyber threat and look to us to help them understand and respond to that threat. This is a hands-on role with opportunities to grow into management. The successful candidate is expected to manage cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s capabilities.
• Help manage and co-ordinate cyber security incidents for our clients, working closely with the incident management lead within the team.
• Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
• Maintaining a current view of the cyber threat, and being able to advise clients on the threat landscape and attacks which may be relevant to them.
• Develop KPMG’s in house cyber-response tools
• Help assess client incident response capability maturity.
• Help stand-up or improve clients’ own incident response capabilities.
• Help with project management of engagements to deliver high quality work in a timely manner, including:
• Basic financial management, Engagement and risk management and Production and review of deliverables.
• Liaising with clients on delivery, implementation and sales issues.
Qualifications and Skills:
• A broad understanding of the cyber security threat landscape.
• Strong technical background in computers and networks, and programming skills.
• Experience of dealing with cyber security incidents and associated response measures.
• Experience of being part of an incident response team, either holding a formal role, or being able to evidence your personal contribution to the team.
• Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
• Excellent communication skills (both written and oral) and project management skills.
• Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
• Working programming skill-set to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skillsets across languages.
• Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
• Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
• Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
• Experience with and understanding of enterprise Windows security controls
• (Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
• (Preferred) General information security certificates such CISSP, CISM or CISA.
• (Preferred) Incident management certifications such as:
• CREST certified incident manager (CCIM)
• GIAC Certified Incident Handler (GCIH)
• (Preferred) Digital forensics certificates such as:
• CREST certified registered intrusion analyst (CRIA)
• CREST certified network intrusion analyst (CCNIA)
• CREST certified host intrusion analyst (CCHIA)
• CREST certified malware reverse engineer (CCMRE)
• GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
KPMG's Management Consulting division is looking for individuals who are passionate about Business Resilience and Cyber risk to join their growing Business Resilience team on a permanent basis. This opportunity will require you to play an active role in growing KPMG's Technology, Risk and Cyber Security service line. You will work closely with clients to evaluate their business strategy, understand their technology environment, and provide recommendations to enable them to improve their ability to respond to disruption risks and threats.
· Working with senior stakeholders on a range of jobs – forming a central point for day-to-day co-ordination of our engagements.
· Assisting the clients to manage disruption risks in a way that enhances their ability to meet business objectives, stakeholder expectations and compliance obligations.
· Performing gap assessments covering the Operational Resilience, Business Continuity, Disaster Recovery, Emergency Management and Crisis Management capabilities of our clients against recognised global and domestic standards and regulations (e.g. ISO22301, ISO27031, APRA CPS232, AS3745-2010).
· Developing benchmarking reports to provide our clients with insight on where they stand when measured against relevant industry practices.
· Improving our clients' understanding and management of disruption risk in both critical processes and technology through designing and implementing effective controls.
· Expanding the technical skills at the Senior Consultant and Consultant levels in the existing team
· Reduce the reliance on key Managers and Associate Directors (within the existing team) to deliver technical consulting work.
· Developing your consulting skills in a range of Resilience services such as Business Continuity, Disaster Recovery, Emergency Management and Crisis Management.
· Leading junior staff to deliver the appropriate outcomes.
Qualifications and Skills:
· We are interested in individuals with experience as Resilience specialists, performing gap assessments covering the Operational Resilience, Business Continuity, Disaster Recovery, Emergency Management and Crisis Management capabilities of our clients
· Knowledge and understanding of recognised global and domestic standards and regulations (e.g., ISO22301, ISO27031, APRA CPS232, AS3745-2010).
· Strong communication skills – particularly in report writing, facilitating interviews, and enriching conversations, presenting to small and large groups, and facilitating day-to-day stakeholder engagement
· Excellent report writing and document design skills to quickly distil complex content into easy-to-understand and visually appealing experiences
· Exceptional MS Office (Word, PowerPoint, Excel, Outlook) and research skills are essential
· A commitment to excellence, problem fixing, and forming high-quality relationships
· Ability to support, lead and inspire stakeholders – including colleagues and clients
· Strong analytical skills, exceptional attention to detail and natural curiosity are essential
· Industry or professional services experience; and
· A willingness to invest in yourself, and in the development of others and KPMG.
We have offices in the following locations:
KPMG is one of the most trusted and respected global professional services firms. We partner with clients across an array of industries to solve complex challenges, steer change, drive disruption, and enable growth.
Our people are what make KPMG the thriving workplace that it is and what sets us apart is that we know great minds think differently. Collaborate with a team of passionate, highly skilled professionals who’ve got your back. You’ll build relationships with unique and diverse colleagues who will provide you with the support you need to be your best and produce meaningful and impactful work in an inclusive, equitable culture.
At KPMG, you’ll take control over how you work. We’re embracing a new way of working in many ways, from offering flexible hours and locations to generous paid parental leave and career breaks. Our people enjoy a variety of exciting perks, including retail discounts, health and wellbeing initiatives, learning and growth opportunities, salary packaging options and more.
Diverse candidates have diverse needs. During your recruitment journey, information will be provided about adjustment requests. If you require additional support before submitting your application, please contact Talent Support Team.
At KPMG every career is different, and we look forward to seeing how you grow with us.
Tags: Active Directory CISA CISM CISSP Cloud Compliance CREST Encryption Forensics GCFA GCIH GIAC GNFA Incident response ISO 22301 Linux Log analysis Log files LUKS encryption Malware Network security Python Reverse engineering Risk management STEM Strategy UNIX Windows
Other jobs like this
Explore more Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Analyst jobs
- Open Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open Information System Security Officer (ISSO) jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open SOC Analyst jobs
- Open Senior Penetration Tester jobs
- Open Lead Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Senior Security Analyst jobs
- Open Application Security Engineer/Architect jobs
- Open Staff Product Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open Security Researcher jobs
- Open Senior SOC Analyst jobs
- Open Pentesting-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open Clearance-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Malware-related jobs
- Open Threat intelligence-related jobs
- Open ISO 27001-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open CISA-related jobs
- Open CISM-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open Security assessment-related jobs
- Open Splunk-related jobs
- Open DevSecOps-related jobs
- Open Finance-related jobs
- Open PowerShell-related jobs