Data Protection, Assistant Manager

At KPMG, your long-term future is every bit as important to us as it is to you. That's why our aim is to give you experiences that will stay with you for a lifetime. Whether it's great training and development, working across functional sectors, mobility opportunities or corporate responsibility volunteering activities - you'll gain a wealth of experiences on which to build a rewarding career. We're proud of our culture - it's one that recognises hard work, encourages new ways of thinking and embraces diversity and inclusion. We have an innovative spirit which inspires what we do and how we do it - striving to be better lies at the heart of who we are.

KPMG Cybersecurity professionals assist clients to address their concerns around Confidentiality, Integrity, Availability and Privacy of their technology, business systems, and information assets. Using a holistic view of how Technology and Business integrate, the Cyber team performs technology-risk focused assessments, technology compliance, IT/operational process reviews, and design of information risk & cyber security solutions.

Cyber team members regularly interact with C-Suite clients, such as Chief Executive Officer (CEO), Chief Information Security Officer (CISO), Chief Information Officer (CIO), Chief Operating Officer (COO), Chief Risk Officer (CRO) and their direct reports. Hence, a client centric mind-set, understanding of IT within a Business context, and well-developed communication skills are desirable.

The role involves:

1. Engage with client stakeholders on Data protection Projects.
2. Providing in-depth expertise of Data protection.
3. Conducting discovery workshops for customers to understand their data protection measures and recommend improvements to their security posture.
4. Work with customers to plot their cloud journey and advising them on their overall data protection requirements based on their data landscape.
5. Working with KPMG Project and Customer resources to continue design and deployment activities and further enhance Data protection solutions for our customers.
6. Working with customers and leading data protection vendors to design and build creative solutions.
7. Working with team members, you will design and/or build solutions within large transformations, and you will perform reviews, assessments and build strategies for organizations looking to invest in Data protection.
8. Assisting the engagement manager with the planning and delivery phases of engagements.

The ideal candidate should possess:

1. Bachelor's degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.
2. A highly motivated individual in information security and excellent communicator with strong analytical and good problem-solving skills.
3. Minimum 5 years of relevant experience working on Data protection technologies: Forcepoint, Proofpoint, Varonis, Zscaler, MSFT Purview.
4. Good understanding of Security strategy, assessment, and design and implementation and governance frameworks over processes, controls, organisation and infrastructure.
5. Proven technical knowledge in Data Governance, Data classification, Data loss prevention, Insider threat, Data encryption, CASB etc.
6. Good understanding of cloud platforms like Microsoft Azure, Google and AWS.
7. Proficient in PowerShell and Python.
8. Strong understanding and hands-on experience with Windows OS, including Active Directory and DNS.
9. Understanding of creating and managing virtual machines, EC2 instances, VNETs, VPCs, and access control management.
10. Experience in implementing and managing firewalls, VPNs, and intrusion detection/prevention systems.
11. Ability to respond to security incidents, conduct root cause analysis, and implement corrective actions.
12. Familiarity with industry standards and regulations such as GDPR, HIPAA, or ISO 27001, Personally Identifiable Information (PII) ensuring compliance in security practices.
13. Excellent business analysis experience in requirements gathering, modelling use cases and experience in business development in supporting new business offerings.
14. Any relevant industry related certification will be preferred (e.g. CISSP, AWS, AZURE, Data protection product certifications etc.)

#LI-JL2