Supervisor- Tech Advisory-IPBR at KPMG South Africa

Job Description

Business Unit: Information Protection and Business Resilience, IT Advisory/ Privacy

Reporting to:IPBR Directors

Purpose Of The Job

• IPBR advises clients in assessing, designing, integrating and monitoring all aspects of their organisational security processes, ensuring that these processes are well defined, managed and optimised in order to mitigate information risk and release value from information security.
• Information Protection Services focuses on the governance and technical facets of information security, and services include the following, amongst others:
• Designing Information Security governance structures
• Information Security governance assessments and/or implementations
• Vulnerability assessments across various architectures and platforms
• Penetration testing across various architectures and platforms

Key Job Duties Or Responsibilities

• Supervision and mentoring of junior staff members, reviewing work, etc.
• Assist in compiling project / engagement plans, budgets, controlling billing, etc.
• Acting as a subject matter expert in defined fields
• Providing advice and recommendations to mitigate risks and release value from IT.
• Documentation of findings and developing recommendations based on aligning best practice and client business requirements.
• Client relationship management and business development.

Critical Technical Skills Or Competencies

• One or more of the following skills would be advantaged:
• IT / Internal Audit experience, with special interest in IT Security
• IT security governance knowledge and understanding (Cobit, ITIL, ISO)
• Ability to track down process / system security risks to root cause and advise on improvements / solutions.
• Technical background in information security:
• Penetration testing / vulnerability management assessments
• Security infrastructure testing (physical, application, logical access, etc.)
• Information security standards design and implementations
• Cloud computing (background from a security perspective)
• Information security strategy design and governance assessments
• Information security management experience (records retention, information architecture, etc)
• Identity and access management implementations and reviews
• Data classification

Qualifications And Experience

• B degree (BComm / BSc) or other information security related degree required.
• A good understanding of general business issues
• CISA / CISM / CISSP is an advantage
• CPTE – Certified Penetration Testing Engineer
• Experience in IT audit and risk management advisory, with a special interest in IT Security.

Critical Interpersonal Or Interactive Skills

• Presentable, professional and confident.
• Diplomatic and tactful while remaining assertive.
• Ability to manage stress and work under pressure.
• High level of integrity.
• Ability to work in a team.
• Well spoken with good communication and listening skills.
• Ability to liaise at all levels.
• Emotional maturity.
• Focused and disciplined.
• Target/results driven with a sense of urgency to get things done.
• Desire to improve the status quo.
• Persistent, persuasive and tenacious.
• Has drive and resilience.
• Ability to take accountability and make decisions.
• High energy levels.
• Self starter.
• Flexible and innovative.
• Strong attention to detail/methodical/analytical.
• Problem solving ability.
• Ability to multitask.
• Ability to work unsupervised.
• Willingness to travel is essential as this role will involve local, national and possibly international travel.