Cyber Security Manager - Tech Assurance at KPMG South Africa

Description of the role and purpose of the job:

KPMG is currently seeking a Manager, to join our Cyber Security consulting and assurance practice. Cyber Security is a part of wider Technology Assurance practice.

• The KPMG Cyber Security practice is one of our fastest growing practices. We are seeing tremendous client demand, and looking forward we don't anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Technology Advisory.
• Working with KPMG you will consult on client projects, translating business and customer needs into innovative business and technology solutions. You will identify changes and recommend solutions that will typically involve a combination of cyber strategy and security excellence outcomes. You will be exposed to a range of exciting projects across industry sectors and service lines including:
• Driving the linkage between business strategy and cyber security (and vice versa), to deliver meaningful outcomes
• Defining the technology strategy to create new streams of value in a business, and defining associated technology execution roadmaps
• Designing innovative technology solutions for improving cyber security posture and advise on reducing cyber risk
• Identify and assist client in meeting compliance requirement for and through cyber security
• Assist in program management or assurance for shaping and defining security programs and embed cyber security in wider digital or business program
• Working closely with the local team and member firms to bring innovation to our existing capabilities to help KPMG remain at the forefront of strategy, operational excellence and technology practices and thinking
• As part of the role you will be expected to have detailed knowledge of security technologies and their application to addressing business challenges. The focus will be on delivering high quality engagement outcomes for our clients and maintaining productive client relationships that allow you to build strong professional networks over time.
• We believe in diversity of thought background and unique experience. You need to have a solid background in technology as well as consulting and are capable of defining cyber security strategies within large and complex environments, working with industry-leading experts in their respective fields. You're passionate about technology and innovation, finding novel approaches to solve problems. You thrive in a collaborative and innovative culture and want to join a firm that values problem solvers, the kind of people who reimagine the possible for their clients and key stakeholders.

We are looking for people in this role with a passion for and / or experience in the following areas:

• Experienced in cyber security strategy, planning and implementation
• Thorough knowledge of standards such as NIST, ISO 27001 and other applicable industry requirements
• An experience in automation of compliance and assurance is desirable
• Knowledge of application and security architecture on conventional on-premise and cloud stacks (IaaS, PaaS, SaaS)
• Abreast of major technology trends, innovations and their practical (or potential) application
• Approaches to technology governance and innovative ways of working
• Excellent documentation and report writing skills

Key responsibilities:

• Take responsibility for leading technology based consulting engagements, managing the day to day delivery effort and work of the delivery team
• Leading the technology planning and design for client engagements
• Acting as a subject matter expert in the business for cyber security domains
• Analyse, workshop and present insights and recommendations enabled by strategic thinking, technical knowledge and strong and clear communication skills
• Performing platform and vendor evaluations on behalf of clients if the need be
• Take responsibility for delivering high quality deliverables and outcomes for our clients
• Undertake and lead business development activities including the creation of compelling and differentiated value propositions in opportunity pursuits
• Support a high-performance culture to consistently deliver quality outcomes for clients and great growth opportunities and mentorship for junior colleagues
• Ability to identify potential business development / sales opportunities
• Report writing
• Building capabilities and methodologies
• Performance management of allocated colleagues

Skills and attributes required for the role:

• Demonstrate grasp of business processes and risk management in areas such as cyber security, cloud computing, identity management, security compliances, technology risk management, and others
• Knowledge of enterprise IT environments, cloud platforms and governance processes. The candidate must be proficient with technology platforms and communicate this information to the engagement team and client management through written correspondence and verbal presentations.
• Plan and execute client engagements focusing on assessment, review, design and/or implementation of security strategy; identify improvement opportunities in the areas of process efficiency and security including role-based security and identity and access management based on KPMG's methodology
• Identify and evaluate complex business and technology risks and remediation methods to mitigate risks
• Contribute to practice growth by leading solution design and innovation related to cloud security platforms
   

Minimum requirements to apply for the role (including qualifications and experience):

• A minimum of 8 years of experience in consulting and/or implementation of security technology and strategy and compliances,
• Experience on design and implementation with emphasis on security, security operations and integration; IT risk management.
• Bachelor's degree in an appropriate field from an accredited college/university
• Possess baseline security certification such as CISM/CISSP/GSEC/CISA/cloud certification for Microsoft Azure/AWS/Google Cloud Platform or studying towards attaining the certification
• Excellent written and verbal communication, facilitation, leadership, business development, and presentation skills
• Ability to travel, subject to regulations