Associate & Senior Associate
JOB REF: SG/ADV/IPBR/201204
We invite highly motivated, dynamic professionals with a passion for security to join our growing Information Protection and Business Resiliency practice.
KPMG Information Protection & Business Resiliency (IPBR) Advisory professionals assist clients to protect the confidentiality, integrity and availability of their IT infrastructure and data. KPMG provides a broad range of IPBR services covering technology-focused assessments (e.g. penetration testing), compliance and process reviews (e.g. PCI-DSS) and through to implementation of information security solutions. We work with our clients at all levels, up to and including the company board. Successful candidates will have the opportunity to work in a fast growing field and challenging environment with like-minded people who are highly-qualified in their respective fields.
IPBR – Security Assessment (Senior Associates and Associates)
Successful candidates will play a significant role in conducting IT security assessments of application, infrastructure and security processes for complex and technically challenging IT environments.
The role involves:
Personality traits leading to a good fit into the team include independence, innovative and resourceful thinking with strong interpersonal, organisational, presentation and report writing skills. A naturally inquisitive mind with an ability to think “outside the box” is preferred.
- working in a collaborative team to deliver information security assessment, testing and compliance advisory services as well as to implement key information security solutions.
- identifying and resolving complex issues and develop innovative solutions for clients.
- supporting the development of recommendations and presentations for client engagements.
- working with high profile clients on a variety of local and international engagements.
The ideal candidate should:
For the positions of Senior Associates candidates should:
- possess a recognised Degree in Computer Science, Information Technology, Engineering (Computer/Electronics), or related disciplines.
- have a good working knowledge of information security principles, techniques and standards, and a strong passion for application security and exploits.
- preferably have an experience in:
• vulnerability assessment and penetration testing using both open source and commercial tools at least 1 year of software development experience
• J2EE, Java and .NET technology
• OWASP Top 10 security vulnerabilities
- have strong analytical and problem solving skills.
- possess excellent written and oral communication skills with the ability to present ideas and results to technical and non-technical audiences.
- be willing to travel on regional and international assignments.
Interested candidates can apply by completing the Online Application Form quoting this job reference (SG/ADV/IPBR/201204) and stating the position applied for.
- have prior consulting experience in IT audit, IT risk assessment or IT security.
- have experience in using open source and commercial code review tools, or preferably have performed manual source code reviews to identify application security backdoors, vulnerabilities and logic errors.
- preferably possess professional certifications such as CISSP, CISA or other relevant qualifications (e.g. CEH, GIAC).
All applications will be held in strict confidence.
We have job opportunities in audit, tax and advisory to match your interests and experience.