Cyber Response, Senior Associate

Cyber Response is one of five pillars in KPMG's cyber security business, the others being Strategy & Governance, Transformation, Cyber Defence (Ethical Hacking) and Education (Training). The Cyber Response team primarily assists clients who have experienced a cyber security incident such as ransomware, business e-mail compromise or other kinds of network intrusion. We investigate the root cause of the incident and the extent of the breach - what systems were affected and if data was exfiltrated. We also help clients to recover from the incident - help restore systems and expel intruders from the network as well as provide practical recommendations on how to prevent further incidents. The typical output of our work is a report which is used by client's management or sent to regulators such as Singapore's Personal Data Protection Commission (PDPC). Other activities include preparing clients for incidents by improving the processes, writing playbooks simulating incidents through war games and providing bespoke training. You will work with an experienced team of forensic professionals, cyber incident coordinators, security professionals, attorneys, and corporate partners. As your experience grows, you will have opportunity to work in other pillars, but your first few years will be directed to become proficient in cyber response. This role involves: Your tasks could include computer imaging, log file analysis, investigating computer artefacts, analysis of malware, briefing your colleagues and clients, and writing parts of reports. Day to day, you will be working in project teams, independent, but supervised by more experienced colleagues - Managers, and Associate Directors. You will also supervise and advise more junior colleagues on their day-to-day tasks. Cybersecurity incidents can occur at inconvenient times such as on a Friday afternoon You will have to be flexible to accommodate the need to work outside of regular office hours. We value your wellbeing and are committed to being mindful of your personal and family needs. Through KPMG's "Take Charge" program, we provide you with the flexibility to set your working hours. We encourage to make best of use of your time by working from office and home as appropriate. What are we looking for: Hunger for knowledge. Cyber security is a rapidly expanding knowledge. You will have to continuously learn both on the job and on your own. KPMG will provide time and access to industry leading learning materials, but it will be up to you to make full use of these. 3-4 years of experience in a technology related field including at least 2 years in a technical role in cybersecurity with exposure to incident response and digital forensics. Good understanding of networking, how Internet works, computers, and basic familiarity with any one of big cloud providers such as Azure, Amazon Web Services or Google Compute Platform, and, of course, Cyber Security. Understanding of Microsoft Windows and Linux operating systems (OS). You should be able to understand the OS permission and security model, perform basic system maintenance tasks such as install the operating system, apply configuration from a guide, add/remove users and review system security logs against a checklist. Good understanding of digital forensics and experience (or hands-on training) applying these skills. Computer troubleshooting skills - ability to troubleshoot using common network and system tools. Comfortable with command line especially on Linux and able to write simple scripts that use a loop to iterate over files. Ability to program in any popular language and troubleshoot programs. Most of bespoke cyber security tools in KPMG are written in Python. If you have previous experience programming in other languages, you should be able to translate the concepts after a brief training time. The expected programming proficiency is to be able to write a program that reads a log file line by line, parses it into fields using regular expressions, enriches data by issuing requests to a web API and writes to a file the result. Interpersonal/other skills: Time management. It is not uncommon to work on two projects at the same time. You should be able to understand priorities, be confident enough to clarify the priorities from senior team members and raise concerns if these are not achievable. Presentation skills. You should be comfortable presenting your conclusions to your colleagues and answer questions. KPMG will provide further presentation skills training. Ability to write in plain English. Most projects end with a report presented to the client; you will be expected to write sections of the report on the areas you have worked on in plain (business) English. Leading self. You should be able to work by yourself towards your mid-term and long-term career goals. Your senior peers will provide coaching and mentoring. Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only. At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.