Senior Consultant, Cyber Security - Defense and Incident Response

Overview
At KPMG, you'll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

Our Vancouver team is looking for a highly motivated and technically competent Cyber Security Professional at a Senior Consultant level to join our team! As a member of KPMG Canada's cross-functional Cyber team, you will be dedicated to enabling our clients' enhancement of their cyber security posture, securing vulnerabilities in their infrastructure and critical applications and responding to cyber security incident and events, threatening our clients' business operations.

KPMG's leading cyber security practice provides a comprehensive suite of cyber security services, from cyber security and privacy governance, strategy, defense, and response, through to end-to-end cyber security transformation services. This is an exciting opportunity for talented, energetic people to join a practice that is experiencing significant growth. We are looking for candidates who have demonstrated academic, business, and technical excellence, strong all-around capabilities, and fit with our culture. Individuals who can work in a dynamic, fluid, and entrepreneurial environment will excel, and will find a wide range of opportunities within our growing practice. This is an excellent opportunity for those that are looking to work in a firm and department with great career progression opportunities and wanting to be part of building a premier cyber consulting team.

At KPMG we continue to be a hybrid virtual and office work environment; this role is required to be in Vancouver, BC. The team looks forward to representing KPMG and growing our practice locally through industry events and client meetings.

Find out more about KPMG Cyber Defense and Response

What you will do
As a Senior Consultant you will work as part of a dedicated group of problem solvers with extensive consulting, technical cyber security, digital forensics, and industry experience, helping our clients solve their complex technical cyber security issues, from identifying vulnerabilities in a client's network, to responding to a cyber incidents, to searching for malware, to attempting to determine if a client website is exploitable. Specific responsibilities include but are not limited to:

• Engage with a variety of clients on penetration testing, with tasks ranging from: network and application discovery and scoping, vulnerability enumeration, exploitation testing, documentation of results and recommendations.
• Perform vulnerability assessments, network and application mapping and explorative exercises, analyze misconfigurations in infrastructure and applications.
• Assist with performing incident response and cyber investigations. These engagements will require urgent organization, configuring needed toolsets, and communication with the client.
• Assist with performing digital forensic evidence collection, leveraging forensic and EDR tools, throughout the incident response phases, extensive log and meta-data analysis, and operating system and hard drive digital forensic evidence analysis. Analyze results from tools and determine indicators of compromise (IOCs), root cause of compromise, possible attack vectors, potential threat actors and the overall risk/threat the client is facing.
• Provide recommendations and advise on steps to mitigate the current level of exploitation, present risks and remediate the potentially vulnerable environment and remove the ability of ongoing/future attacks.
• Analyze results of assessment and create technical, accurate and articulate reports in business professional language, to be shared with technical stakeholder, executive stakeholders and potentially third parties.
• Conduct research and development on technical cyber security topics, vulnerabilities, infrastructure design and technologies, cyber attack and penetration testing methods, digital forensic processes, investigation processes, evidence discovery methods based on type of attack.

What you bring to the role

• Bachelor's degree (or higher) in Computer related studies (e.g., Computer Science, Information Systems and/or a related discipline) or Math/Science related studies (e.g., Mathematics, Physics, Engineering, etc.). Masters-level degree is an asset (in the field of Computer Science, Information Systems, Data Science, or another related field).
• At least one, entry level, technical security related certification e.g., CEH (Practical), eJPT, eCDFP, CHFI, etc.).
• An advanced technical certification in Incident Response, Digital Forensics and/or Penetration Testing: OSCP, eCPPTv2, eCPTX, eCIR, eCDFP, GPEN, GCIH, GCFA, etc. is highly desired.
• Certifications and/or certificates of completion from Online Penetration Test/Digital Forensic Lab services (e.g., HacktheBox, TryHackMe, Attack/Defense, etc.) are an asset.
• 3+ years of hands-on, technical, penetration testing and/or digital forensic experience, that includes issue identification and detailed analysis, identification and exploitation of vulnerabilities, investigation experience, providing detailed recommendations to issues, providing written and verbal feedback to clients, and formal detailed business level reporting. (Only hands-on professional experience at an employer is considered, and college level assignments/online challenges are not considered professional experience).
• Previous experience in consulting (especially at a Big 4 Accounting / Consulting firm) is an asset.
• Be able to hold effective client conversations on technical and non-technical projects, engagement status, business development activities, etc. You must be able to converse independently and add value to these conversations.
• Excellent understanding and knowledge of Operating Systems (sys-internals), Networking, Cryptographic Concepts, Programming and Software Compilation, Software Vulnerabilities and Exploitation, Malware basic mechanics and processes, Threat Actor Groups and recent cyber exploits/events.
• Excellent analytical, problem solving and outside-the-box thinking; you are organized and methodical, with strong attention to detail and ability to analyze and interpret information.
• Comfortable with ambiguous tasks and objectives, able to self-lead and determine steps to complete tasks, create a self-driven action plan.

KPMG BC Region Pay Range Information
The expected base salary range for this position is $63,500 to $99,500 and may be eligible for bonus awards. The determination of an applicant's base salary within this range is based on the individual's location, skills, & competencies, and unique qualifications. In addition, KPMG offers a comprehensive and competitive Total Rewards program.

#LI-Hybrid

Providing you with the support you need to be at your best
For more information about KPMG in Canada's Benefits and well-being, click here .

Our Values, The KPMG Way
Integrity, we do what is right | Excellence, we never stop learning and improving | Courage, we think and act boldly | Together, we respect each other and draw strength from our differences | For Better, we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice. For more information about Inclusion, Diversity & Equity in Recruitment, please click here .

Adjustments and accommodations throughout the recruitment process
At KPMG, we strive for an inclusive recruitment process that allows all candidates to Come As You Are and Thrive with Us. We aim to provide a positive experience and are ready to offer adjustments or accommodations to help you perform at your best. Adjustments (an informal request), i.e. extra preparation time or the option for micro breaks during interviews, and accommodations (a formal request), i.e. accessible communication supports or technology aids are tailored to individual needs and role requirements.

To begin a confidential conversation about adjustments or accommodations at any point throughout the recruitment process, we encourage you to contact KPMG's Employee Relations Service team for support by emailing cdnersteam@kpmg.ca or by calling 1-888-466-4778, Option 3.

For information about accessible employment at KPMG, please visit our accessibility page .

Category

Accounting