Job Specifications
Overview
At KPMG, you'll join a team of diverse and dedicated problem solvers, connected by a common cause turning insight into opportunity for clients and communities around the world.
Are you a talented individual with a proven track record on executing project deliverables.
Our Toronto team is looking for a highly motivated Cyber Security professional at a Consultant or Senior Consultant level to join our team! As a member of KPMG Canada's cross-functional Cyber team, you will be dedicated to the defense and protection of our client critical data, systems, and assets through cyber defense and incident response services.
A career within our Cyber Security practice will provide you with the opportunity to help our clients implement robust cybersecurity programs that protects against threats, propels digital and business transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organizations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.
KPMG's Cyber team has received tremendous investment and has been identified as a transformational part of the firm to deliver growth over the next five years. This is an excellent opportunity for those that are looking to stay ahead of the curve and work in a firm with unparalleled career progression opportunities.
What You Will Do
As a Senior Consultant, you'll work as part of a team of problem solvers with extensive consulting and industry experience, supporting our technical engagement team and leveraging your expertise on Incident Response projects and tasks. Specific responsibilities include but are not limited to
Engage with a variety of clients on incident response engagements ranging and tasks from operating system security, cloud and network security, cryptography, software security, malware analysis, digital forensics for incident response activities, security operations, and emergent security intelligence;
Perform incident response and cyber investigations. These engagements will require urgent organization, configuring needed toolsets, and communication with the client;
Leverage forensic tools on incident response to collect, process and analyze computer based evidence (host and network based). Use end-point detection and response (EDR) tools to investigate, monitor and triage potentially compromised end-points;
Perform digital forensic evidence collection throughout the incident response phases, extensive log analysis and meta-data analysis;
Perform operating system and hard drive digital forensic evidence analysis;
Analyze results from tools and determine indicators of compromise (IOCs), root cause of compromise, possible attack vectors, potential threat actors and the overall risk/threat the client is facing;
Provide recommendations and advise on steps to mitigate the current attack, present risks and remediate the potentially vulnerable environment and remove the ability of ongoing/future attacks;
Analyze results of assessment and create technical accurate and articulate reports in a business professional language, to be shared with technical stakeholder, executive stakeholders and potentially third parties;
Leverage out-of-the-box thinking to tackle and overcome complex client challenges;
Remain current on the threat landscape, including common and recent threats. Keep your team and clients informed on relevant threat and attack vectors on an on-going basis;
Contribute to the KPMG Incident Response team's practice development by actively supporting a Cyber/Forensics lab, writing whitepapers, conducting and sharing research, actively assisting with business development opportunities.
What You Bring To The Role
Undergraduate degree in Computer Science, Information Technology, or related field;
Completion of at least one relevant certification such as GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Examiner (GCFE), EnCase Certified Examiner (EnCE), CCFP ISC(2) or similar;
2+ years of experience with incident response, preferably in a consulting environment. Internal CSIRT experience will also be considered;
2+ years of experience with forensic data collection with technical network, hard drive, and operating systems. Candidates should also have experience with collecting data from cloud platforms for investigations that involve SaaS and PaaS;
Experience working on consulting incident response engagements with clients, including post-incident reviews;
Cyber investigation and threat hunting experience;
Ability to identify and create IOCs (Indicators of Compromise) from performing forensic analysis activities, articulate IOC in technical format
About the Company
KPMG LLP is the Canadian member firm of KPMG International. We provide Audit, Tax, and Advisory services to many of the public and private business, not-for profit, and public sector organizations in Canada. Nationally, there are 40 offices and over 700 partners and more than 10,000 employees working together to help Canadian businesses achieve their goals. Leveraging the skills, knowledge and passion of our firm and our people allows us to serve our clients with uncompromising professionalism, cutting through complexity to ...
Know more