Cyber Security Senior Consultant - Risk & Assessment (Supervisor Level)
At KPMG, we offer fascinating, challenging and well rewarded careers.
CYBER SECURITY SENIOR CONSULTANT – RISK & ASSESSMENT (SUPERVISOR LEVEL)
Responsibilities:
- Performs security and/or risk assessments in a fast-paced environment along with providing timely and practical recommendations to mitigate the identified risks
- Performs security and/or risk assessments aligned with industry standards (ISO 27001/2, NIST, CIS, PCI DSS, SWIFT CSP), regulatory requirements (BSP circulars and others), and best practices
- Performs maturity assessments in cyber security and information technology
- Participates in discovery workshops with other consultants and key stakeholders, both in IT and other business units
- Participates in project presentations for the client project team and other key stakeholders
- Facilitates Security Training and Awareness
Qualifications:
- Graduate of Bachelor of Science in Information Technology or related courses
- Has at least 3 years of experience in security assessments (Third Party Security Risk Assessments, ISMS/NIST Assessment, SOC 2 Type 2 Assessment, RCSA, Configuration Review, Architecture Review, Controls Review) (Mandatory)
- Has facilitated at least one (1) IT Risk Assessment project
- Has working experience in Data Privacy (PDPA, GDPR, DPA of 2012) and in Security Awareness and Training
- 1 year of specific experience in consulting/advisory engagements (preferred)
- Strong knowledge in IT Audit/Assessments and/or Maturity Assessments
- Strong knowledge of information security standards and guidelines such as ISO 27001/2, NIST, CIS, PCI DSS and SWIFT CSP
- Understanding of local regulations (BSP circulars)
- Understanding of Cloud Compute, Storage, Security and Virtualization best practice
- Preferably has at least one of the following certifications:
  - ISC2 CISSP
  - ISMS LA/LI
  - ISACA CISA or CRISC
  - Relevant certifications for PCI DSS, SWIFT, HITRUST and other industry security standards/guidelines
- Good analytical, communication, interpersonal, and presentation skills