Manager, Cyber Defence

Join to apply for the Manager, Cyber Defence role at KPMG Canada1 day ago Be among the first 25 applicantsJoin to apply for the Manager, Cyber Defence role at KPMG CanadaOverviewAt KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause turning insight into opportunity for clients and communities around the world.OverviewAt KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause turning insight into opportunity for clients and communities around the world.Are you a talented individual with a proven track record of executing project deliverables?Our Toronto team is looking for a highly motivated Cyber Security professional at a Manager level to join our team As a member of KPMG Canada’s cross-functional Cyber team, you will be dedicated to the defense and protection of our client critical data, systems, and assets through cyber defense and incident response services.A career within our Cyber Security practice will provide you with the opportunity to help our clients implement robust cybersecurity programs that protect against threats, propel digital and business transformation, and drive growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organizations, partners, and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems to deliver continuous operational improvements, increasing cybersecurity investments, and detecting, responding, and remediating threats.KPMG’s Cyber team has received significant investment and has been identified as a transformational part of the firm to deliver growth over the next five years. This is an excellent opportunity for those looking to stay ahead of the curve and work in a firm with unparalleled career progression opportunities.What You Will DoAs a Manager, you’ll work as part of a team of problem solvers with extensive consulting and industry experience, supporting our technical engagement team and leveraging your expertise on Incident Response projects and tasks. Specific responsibilities include but are not limited to:Engage with a variety of clients on incident response engagements, including operating system security, cloud and network security, cryptography, software security, malware analysis, digital forensics, security operations, and emergent security intelligence;Perform incident response and cyber investigations, requiring urgent organization, configuring needed tools, and communication with clients;Leverage forensic tools to collect, process, and analyze computer-based evidence (host and network-based). Use EDR tools to investigate, monitor, and triage potentially compromised endpoints;Perform digital forensic evidence collection, log analysis, and metadata analysis;Analyze operating system and hard drive forensic evidence;Identify indicators of compromise (IOCs), root causes, attack vectors, threat actors, and overall risks;Provide mitigation recommendations, advise on steps to remediate vulnerabilities, and prevent future attacks;Create technical, accurate, and professional reports for technical and executive stakeholders;Apply out-of-the-box thinking to solve complex client challenges;Stay current on the threat landscape and inform clients and team members about relevant threats and attack vectors;Support practice development by contributing to labs, whitepapers, research, and business development activities.What You Bring To The RoleUndergraduate degree in Computer Science, IT, or related field;Relevant certifications such as GCIH, GCFE, EnCE, CISSP, CISM, CEH, OSCP, or similar;5+ years of incident response experience, preferably in consulting or CSIRT environment;Experience with forensic data collection from networks, hard drives, operating systems, and cloud platforms;Experience with consulting incident response engagements and post-incident reviews;Cyber investigation and threat hunting skills;Ability to create and articulate IOCs and present findings to stakeholders;Hands-on experience with forensic software (EnCase, FTK, Autopsy, etc.) and EDR tools (Carbon Black, SentinelOne, CrowdStrike, Elastic, etc.);Knowledge of attack vectors, lateral movement, privilege escalation, exfiltration techniques;Understanding of OS, networking, web protocols, and cloud architecture;Skills in log and traffic analysis across devices and platforms;Ability to perform digital forensics on Windows, Linux, and mobile devices;Willingness to fulfill on-call responsibilities;Master’s degree in Cyber Security or related field (advantageous);Additional cybersecurity certifications (advantageous);Experience with log analytics tools (Elastic, Splunk, etc.) and malware reverse engineering (advantageous);Knowledge of forensic evidence handling and legal procedures;Programming and scripting skills (C, Python, Bash, PowerShell);Experience in Penetration Testing, Red Teaming, SOC, or Blue Teaming (advantageous);Ability to develop custom tools and scripts; Knowledge of threat actor TTPs and MITRE ATT&CK framework.Our Values: Integrity, Excellence, Courage, Together, For BetterKPMG in Canada is committed to diversity and inclusion. We provide accommodations during the recruitment process and encourage all qualified candidates to apply. For support, contact KPMG’s Employee Relations Service team.Seniority levelNot ApplicableEmployment typeFull-timeJob functionEngineering and Information TechnologyReferrals increase your chances of interviewing at KPMG Canada by 2x #J-18808-Ljbffr