Description
The Incident Response Manager role will be working in the Cyber Response
Services (CRS) Team within our Risk Consulting practice, reporting directly
to the Head of Cyber Response. Cyber security is one of the areas which KPMG
has identified for tremendous investment and growth. Our clients face a
challenging cyber threat and look to us to help them understand and respond to
that threat.
This is a hands-on and operational management role with opportunities to
grow into service line leadership. The candidate should have good hands-on
experience in enterprise network and security. The successful candidate is
expected to manage a broad range of cyber-security incidents as well as perform
digital forensics (disk, volatile memory, network packets, log files) and help
advance KPMG's incident response processes and methodologies. In this role we
are looking for a person who can demonstrate a strong technical background and
significant experience in network and security, incident response and digital
forensics, and who is looking to grow into an incident response leadership role
as part of a growing team.
Responsibilities
- Manage and co-ordinate cyber security incidents for our clients, working closely with the Head of Cyber Response.
- Perform digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
- Maintain a current view of the cyber threat and be able to advise clients on the threat landscape and attacks which may be relevant to them.
- Have a good understanding of the BNM RMiT guidelines in relation to cyber response and recovery.
- Manage the development of KPMG's in-house cyber-response tools.
- Assess client incident response capability maturity.
- Develop and establish SOC policy, process and procedure documentation based on ISO 27001, COBIT, NIST/MITRE etc., and ensure it is followed by the team.
- Establish SOC playbooks based on new threats.
- Lead internal and external audits to meet SOC compliance requirements.
- Hands-on configuration knowledge; responsible for the integration of logs into the SIEM.
- Knowledge of next-generation SOC, threat hunting and behavioural analysis tools.
- Experience and knowledge of cloud providers such as Microsoft Azure, Google Cloud, etc.
- Help stand up or improve clients' own incident response and network security capabilities.
- Prepare proposal documents, including the proposal, pricing sheet and solution presentation, in response to RFPs/RFIs.
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
The successful candidate will demonstrate competency in computing and
networks as well as in cyber security, either through relevant work
experience, a completed degree or an industry-relevant certification.
Therefore, the qualifications below should be seen as a means to demonstrate
competency and not as a requirement. The desired skills and qualifications are
listed below:
- Excellent communication skills (both written and oral) and project management skills.
- Strong IT and network skills: knowledge of common enterprise technologies such as Windows and Windows Active Directory, Linux, Cisco, etc.
- A working programming skill-set, to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skills across languages.
- Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; memory forensics; static and dynamic malware analysis / reverse engineering; advanced mobile device forensics; threat hunting; threat intelligence.
- Advanced experience with industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, and/or Cellebrite.
- Advanced experience in the preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS).
- Experience with and understanding of enterprise Windows security controls.
Requirements
Qualifications and education requirements
Minimum qualifications required: B.E/B.Tech or equivalent.
- Excellent communication skills (both written and oral) and project management skills.
Abilities: good soft skills and a team player.
- (Preferred) General information security certificates such as CISSP, CISM or CISA.
- (Preferred) Incident management certifications such as:
  - CREST Certified Incident Manager (CCIM)
  - GIAC Certified Incident Handler (GCIH)
- (Preferred) Digital forensics certificates such as:
  - CREST Certified Network Intrusion Analyst (CCNIA)
  - CREST Certified Malware Reverse Engineer (CCMRE)
  - GIAC Certified Forensic Analyst / GIAC Network Forensic Analyst (GCFA, GNFA)
Experience: 8 – 10 years
For further information, and to apply, please visit our website via the
“Apply” button below.
Candidates must be resident in Malaysia, or have the right to work in
Malaysia.