KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients' needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you'll translate insights into action and reveal opportunities for all-our teams, our clients and our world. Service Line Overview
At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.
KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.
Our wide range of projects includes Cyber Strategy, Cyber Digital Transformation, Governance & Risk, as well as a growing presence in Attack & Penetration Tester or Ethical Hacker. We are keen to speaking with cyber security specialists with various expertise and experiences to join our growth story.
We are now seeking Manager candidates for Cloud Security Team. Key Responsibilities
Experience & Background
- Support information security engagements including security strategy, policy and architecture, information privacy and governance, certification and compliance, business and technology resilience and security testing.
- Communicate technical issues in business terms and deliver value using a pragmatic approach to the technical components of information security.
- Deliver Cybersecurity Maturity Assessments and Cybersecurity Control Gap Remediation (covering the design and implementation of controls to address the people, process and technology risks) projects.
- Perform Cybersecurity Maturity Assessments by assessing cyber risk factors across 6 functional domains - Leadership & Governance, Human Factors, Information Risk Management, Business Continuity, Technology & Operations, Legal & Compliance
- Identify and communicate engagement findings to senior management and client personnel
- Develop marketing and training materials to help develop staff awareness within the company and communicate KPMG's capabilities to clients
- Build and maintain relationships with existing and prospective clients, and develop / improve your network of business contacts
- Assist with scoping prospective engagements and developing proposals
- Take an active role in KPMG's global community of security professionals, assist with research into vulnerabilities and develop our ability to perform security engagements
- Bachelor's degree in a Computer Science or related disciplines
- CISSP, CISA and / or CISM certification preferred, and accreditation for an industry penetration testing certification preferred (e.g. GPEN, or CEH)
- Minimum of five years' experience in information security, ideally within a professional services environment or internal consultancy function delivering cyber security related projects
- Strong knowledge of internet application security, including common internet application vulnerabilities and network architecture to support internet applications
- Strong knowledge base in operations, enterprise networking, operating systems and database security evaluation and architecture
- Experience with security testing tools is an advantage
- Knowledge of IT security vendor products is an advantage
- Experience in financial services is preferred
- Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
- Strong interpersonal skills with a demonstrated ability to gain the confidence and respect of senior level executives
- Strong client services orientation and accustomed to taking an active role in executing client engagements
- Strong analytical skills and the ability to develop thought leadership publications
At KPMG China, we are committed to being an equal opportunity employer, with zero tolerance for any form of discrimination against any persons. It is important for us to create an inclusive, diverse and agile workplace for our people to develop and thrive at both a personal and professional level.
We strive to make ESG (environmental, social and governance) a watermark running through our organisation; from empowering our people to become agents of positive change, to providing better solutions and services to our clients. To lead by example, we launched Our Impact Plan (OIP) which includes our ESG commitments and progress across four key pillars - Planet, People, Prosperity and Governance.
We encourage you to come as you are, and we welcome all qualified candidates to apply, and hope you unlock opportunities with us. Visit KPMG China website for more company information.
Please note that all information in this form has been voluntarily supplied and will be used by KPMG for selection purposed only.