Job Description
47 days ago
About the Role
KPMG China is seeking a highly skilled Cyber Security Consultant to join our Technology Consulting practice. As a key member of our team, you will be responsible for managing topical cyber security issues for our clients, helping them identify and address cyber security risks within their organizations.
Key Responsibilities
• Deliver cybersecurity engagements, including security strategy, policy, and architecture, information privacy and governance, certification and compliance, business and technology resilience, and security testing.
• Communicate technical issues in business terms and deliver value using a pragmatic approach to the technical components of information security.
• Deliver Cybersecurity Maturity Assessments and Cybersecurity Control Gap Remediation projects, covering the design and implementation of controls to address people, process, and technology risks.
• Assess IT security architecture across application, database, operating system, hardware platforms, and network infrastructure for vulnerabilities to cyber-attack.
• Perform Cybersecurity Maturity Assessments by assessing cyber risk factors across 6 functional domains: Leadership & Governance, Human Factors, Information Risk Management, Business Continuity, Technology & Operations, and Legal & Compliance.
• Design and implement processes for Identity & Access Controls, Cyber Incident Management, Intrusion Detection, Threat Intelligence, Cyber Data Analytics, Security Monitoring, and more.
• Identify and communicate engagement findings to senior management and client personnel.
• Assist in continuously enhancing existing cyber assessment methodologies.
• Develop marketing and training materials to help develop staff awareness within the company and communicate KPMG's capabilities to clients.
• Take an active role in KPMG's global community of security professionals, assist with research into vulnerabilities, and develop our ability to perform security engagements.
Requirements
• Bachelor's degree or above in cybersecurity, technology, engineering, or business studies with information systems major/minor from an accredited college/university, along with a deep interest in technology risk, cyber security, and IT governance.
• 2 years' experience preferably from consulting firms/global system integrators/large enterprises' project teams, experience in financial services is preferred.
• Candidate with less experience will be considered as Consultant.
• Professional qualification holder will be preferable (GPEN, OSCP, CISSP, CRISC, CISA, CISM, PMP, or other relevant qualifications).
• Prior consulting experience in information security preferred, ideally within a professional services environment or internal consultancy function delivering cyber security related services.
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese).
• Strong knowledge on the below skillsets is preferable:
• Interpersonal skills with a demonstrated ability to gain the confidence and respect of senior-level executives.
• Client services orientation and accustomed to taking an active role in executing client engagements.
• Analytical skills and the ability to develop thought leadership publications.
• Knowledge of enterprise technologies, especially networking principles and internet-based technologies, with self-motivated learning ability.
• Knowledge of internet application security, including common internet application vulnerabilities and network architecture to support internet applications.
• Knowledge base in operations, enterprise networking, operating systems, and database security evaluation and architecture.
• Knowledge of IT security vendor products is an advantage.
Benefits
• Well-structured career development and learning path, 1-to-1 coaching by our cybersecurity professionals.
• Access to various cyber security learning resources.
• Wide exposure to working with leading financial institutions and corporations.
• Continuous sponsorship and support on professional certificate development.
• Opportunities for secondment/exchange within KPMG Global network based on staff performance and preference.
• One annual professional membership sponsorship on the approved list.
• Work in a passionate team with blended cybersecurity and technology risk talents.
About KPMG China
At KPMG China, we are committed to being an equal opportunity employer, with zero tolerance for any form of discrimination against any persons. We strive to create an inclusive, diverse, and agile workplace for our people to develop and thrive at both a personal and professional level.
We encourage you to come as you are, and we welcome all qualified candidates to apply. Visit KPMG China website for more company information.
KPMG China is seeking a highly skilled Cyber Security Consultant to join our Technology Consulting practice. As a key member of our team, you will be responsible for managing topical cyber security issues for our clients, helping them identify and address cyber security risks within their organizations.
Key Responsibilities
• Deliver cybersecurity engagements, including security strategy, policy, and architecture, information privacy and governance, certification and compliance, business and technology resilience, and security testing.
• Communicate technical issues in business terms and deliver value using a pragmatic approach to the technical components of information security.
• Deliver Cybersecurity Maturity Assessments and Cybersecurity Control Gap Remediation projects, covering the design and implementation of controls to address people, process, and technology risks.
• Assess IT security architecture across application, database, operating system, hardware platforms, and network infrastructure for vulnerabilities to cyber-attack.
• Perform Cybersecurity Maturity Assessments by assessing cyber risk factors across 6 functional domains: Leadership & Governance, Human Factors, Information Risk Management, Business Continuity, Technology & Operations, and Legal & Compliance.
• Design and implement processes for Identity & Access Controls, Cyber Incident Management, Intrusion Detection, Threat Intelligence, Cyber Data Analytics, Security Monitoring, and more.
• Identify and communicate engagement findings to senior management and client personnel.
• Assist in continuously enhancing existing cyber assessment methodologies.
• Develop marketing and training materials to help develop staff awareness within the company and communicate KPMG's capabilities to clients.
• Take an active role in KPMG's global community of security professionals, assist with research into vulnerabilities, and develop our ability to perform security engagements.
Requirements
• Bachelor's degree or above in cybersecurity, technology, engineering, or business studies with information systems major/minor from an accredited college/university, along with a deep interest in technology risk, cyber security, and IT governance.
• 2 years' experience preferably from consulting firms/global system integrators/large enterprises' project teams, experience in financial services is preferred.
• Candidate with less experience will be considered as Consultant.
• Professional qualification holder will be preferable (GPEN, OSCP, CISSP, CRISC, CISA, CISM, PMP, or other relevant qualifications).
• Prior consulting experience in information security preferred, ideally within a professional services environment or internal consultancy function delivering cyber security related services.
• Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese).
• Strong knowledge on the below skillsets is preferable:
• Interpersonal skills with a demonstrated ability to gain the confidence and respect of senior-level executives.
• Client services orientation and accustomed to taking an active role in executing client engagements.
• Analytical skills and the ability to develop thought leadership publications.
• Knowledge of enterprise technologies, especially networking principles and internet-based technologies, with self-motivated learning ability.
• Knowledge of internet application security, including common internet application vulnerabilities and network architecture to support internet applications.
• Knowledge base in operations, enterprise networking, operating systems, and database security evaluation and architecture.
• Knowledge of IT security vendor products is an advantage.
Benefits
• Well-structured career development and learning path, 1-to-1 coaching by our cybersecurity professionals.
• Access to various cyber security learning resources.
• Wide exposure to working with leading financial institutions and corporations.
• Continuous sponsorship and support on professional certificate development.
• Opportunities for secondment/exchange within KPMG Global network based on staff performance and preference.
• One annual professional membership sponsorship on the approved list.
• Work in a passionate team with blended cybersecurity and technology risk talents.
About KPMG China
At KPMG China, we are committed to being an equal opportunity employer, with zero tolerance for any form of discrimination against any persons. We strive to create an inclusive, diverse, and agile workplace for our people to develop and thrive at both a personal and professional level.
We encourage you to come as you are, and we welcome all qualified candidates to apply. Visit KPMG China website for more company information.
More jobs from KPMG China
Software Engineer
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Software Engineer
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Cybersecurity
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Sales & Account Management
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Cybersecurity
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Fund Accountant (for client)
KPMG China
Cybersecurity
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
More jobs like this
Consultant/Senior Consultant, Cyber Security (Strategy, Governance & Risk), Technology Consulting
KPMG China
Central and Western, Hong Kong
Consultant/Senior Consultant, Cyber Security (Penetration Testing/ Red Teaming), Technology Consulting (MJ005350)
KPMG China
Central and Western, Hong Kong
Manager/Associate Director, Data Privacy and Protection, Technology Consulting
KPMG China
Central and Western, Hong Kong
Associate Director / Manager, Cyber Security (Simulated Attack) (MJ003359)
KPMG China
Central and Western, Hong Kong
🎉 Got an interview?