KPMG Cybersecurity professionals assist clients to address their concerns around Confidentiality, Integrity, Availability and Privacy of their technology, business systems, and information assets.
Using a holistic view of how Technology and Business integrate, Cybersecurity performs technology-risk focused assessments, technology compliance, IT/operational process reviews, and design of information risk & security solutions.
Successful candidates will get to rotate across the three Cybersecurity disciplines before specialising:
•Technology Risk and Outsourcing Governance - this discipline covers IT-Business related consulting over how an organisation manages technology risk and governs its outsourcing. This involves review, re-design and implementation controls over the organisation`s IT environment. Topics include system development, project management, business or IT outsourcing, business continuity management, information security, incident management, user access management.
•Cybersecurity - this discipline covers designing and implementing Cybersecurity frameworks; Cyber maturity assessments; organisational design for Information Security; design and rollout of information security processes such as Incident Management, Intrusion Detection, and Security Monitoring.
•Ethical Hacking - this discipline covers vulnerability assessment, application and network penetration testing, wireless security, mobile security, and system security testing.
The role involves delivering vulnerability assessment and penetration testing projects across the region, and working closely with our team of penetration testers.
Cybersecurity team members regularly interact with C-Suite clients, such as Chief Executive Office (CEO), Chief Information Officer (CIO), Chief Operating Officer (COO), Chief Risk Officer (CRO) and their direct reports. Hence, a client centric mind-set, understanding of IT within a Business context, and well-developed communication skills are desirable.
As an intern, you will get the opportunity, but not limited to:
•Performing application (web and mobile) and infrastructure vulnerability assessment and penetration tests on different platforms and technologies
•Conducting social engineering/phishing and red teaming exercises
•Reviewing and analysing security vulnerabilities to identify false positives
•Conducting server/network/middleware security configuration assessments
•Preparing a report on identified security vulnerabilities and possible recommendations to remediate the vulnerabilities
•Assisting in continuously enhancing the existing penetration testing methodologies
•Remaining up-to-date on the latest cybersecurity threats and vulnerabilities
The ideal candidate should possess the following attributes:
•Be pursuing a recognised Degree in Computer Science, Information Technology, Engineering (Computer/Electronics), or a related discipline
•Have some prior experience in conducting vulnerability assessments and penetration tests
•Be comfortable with working on various platforms and operating systems (e.g. Windows, Linux, Kali)
•Understand the OWASP testing methodology and have knowledge of penetration testing tools
•Able to work as part of a team, and at the same time being an independent self-starter
•Have strong analytical, problem solving and inter-personal skills
•Commands excellent written and oral communication skills with the ability to present ideas and results to technical and non-technical audiences
Only shortlisted candidates will be contacted by KPMG Talent Acquisition team.