You're using an older version of Internet Explorer that is no longer supported. Please update your browser.
KPMG

Manager, Cyber Defence

Posted 2 days ago

Job Details

Category

Location

Job Description

Overview
At KPMG, you'll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

Are you a talented individual with a proven track record on executing project deliverables.

Our Toronto team is looking for a highly motivated Cyber Security professional at a Manager level to join our team! As a member of KPMG Canada's cross-functional Cyber team, you will be dedicated to the defense and protection of our client critical data, systems, and assets th rough cyber defense and incident response services.

A career within our Cyber Security practice will provide you with the opportunity to help our clients implement robust cybersecurity programs that protects against threats, propels digital and business transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organizations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

KPMG's Cyber team has received tremendous investment and has been identified as a transformational part of the firm to deliver growth over the next five years. This is an excellent opportunity for those that are looking to stay ahead of the curve and work in a firm with unparalleled career progression opportunities.

What you will do
As a Manager you'll work as part of a team of problem solvers with extensive consulting and industry experience, supporting our technical engagement team and leveraging your expertise on Incident Response projects and tasks. Specific responsibilities include but are not limited to:
  • Engage with a variety of clients on incident response engagements ranging and tasks from operating system security, cloud and network security, cryptography, software security, malware analysis, digital forensics for incident response activities, security operations, and emergent security intelligence;
  • Perform incident response and cyber investigations. These engagements will require urgent organization, configuring needed toolsets, and communication with the client;
  • Leverage forensic tools to on incident response collect, process and analyze computer based evidence (host and network based). Use end-point detection and response (EDR) tools to investigate, monitor and triage potentially compromised end-points;
  • Perform digital forensic evidence collection throughout the incident response phases, extensive log analysis and meta-data analysis;
  • Perform operating system and hard drive digital forensic evidence analysis;
  • Analyze results from tools and determine: indicators of compromise (IOCs), root cause of compromise, possible attack vectors, potential threat actors and the overall risk/threat the client is facing;
  • Provide recommendations and advise on steps to mitigate the current attack, present risks and remediate the potentially vulnerable environment and remove the ability of ongoing/future attacks;
  • Analyze results of assessment and create technical accurate and articulate reports in a business professional language, to be shared with technical stakeholder, executive stakeholders and potentially third parties;
  • Leverage out-of-the-box thinking to tackle and overcome complex client challenges;
  • Remain current on the threat landscape, including common and recent threats. Keep your team and clients informed on relevant threat and attack vectors on an on-going basis;
  • Contribute to the KPMG Incident Response team's practice development by actively supporting a Cyber/Forensics lab, writing whitepapers, conducting and sharing research, actively assisting with business development opportunities.
What you bring to the role
  • Undergraduate degree in Computer Science, Information Technology, or related field;
  • Completion of at least one relevant certification such as GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Examiner (GCFE), EnCase Certified Examiner (EnCE), CCFP ISC(2) or similar;
  • 5+ years of experience with incident response, preferably in a consulting environment. Internal CSIRT experience will also be considered;
  • 5+ years of experience with forensic data collection with technical network, hard drive, and operating systems. Candidates should also have experience with collecting data from cloud platforms for investigations that involve SaaS and PaaS;
  • Experience working on consulting incident response engagements with clients, including post-incident reviews;
  • Cyber investigation and threat hunting experience;
  • Ability to identify and create IOCs (Indicators of Compromise) from performing forensic analysis activities, articulate IOC in technical formats, and present them to stakeholders;
  • Hands-on experience and working knowledge of at least one common industry leading or open-source forensic software application (e.g. EnCase, FTK, Autopsy, Magnet Axiom, Cellebrite, Magnet IEF/Axiom) and techniques to capture and process electronic data from computers, virtual machines, external media, networks and mobile data devices;
  • Hands on experience with the installation and configuration of End-Point Detection and Response tools, such as Carbon Black, Sentinel One, CrowdStrike Falcon or Elastic Stack;
  • Strong knowledge of common attack vectors, initial compromise, lateral movement, privilege escalation and data exfiltration techniques;
  • Knowledge of operating systems, networking, web protocol, and cloud architecture;
  • Ability to perform log, host and network-based traffic monitoring and analysis, across varying devices, platforms and formats;
  • Ability to perform hard drive digital forensics within the incident response phases, across various file and device formats, including Windows and Linux operating systems and mobile device.
  • Ability to fulfill regular on-call responsibilities, as part of a team, for urgent incident response activities.
  • Master's Degree within a specialization in Cyber Security, Digital Forensics or a related field is advantageous;
  • Completion of any additional Cyber Security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP) or similar would be advantageous.;
  • Hands-on experience incident response and log analytics tools, such as Elastic, Log Stash and Kibana, Sumo Logic, Splunk, etc. Familiarity with multiple open-source tools for data and log analysis;
  • Reverse engineering experience on various types of malware, including ransomware, malicious droppers, trojans, customized and obfuscated malicious scripts and other types of malicious files will be advantageous;
  • Experience with forensic evidence handling and chain-of-custody procedures and knowledge of potential litigation requirements;
  • Experience with programming languages (C, C#) and scripting languages (e.g. Python and Go) and familiar with Bash and PowerShell;
  • Experience in other technical Cyber Security domains, such as Penetration Testing, Red Teaming, Security Operation Centre (SOC) or Blue Teaming;
  • Able to create solutions and modify your tools, plugins and scripts appropriately to problem at hand;
  • Knowledge of common threat actor TTPs (tools, techniques and procedures and how they relate to the stages of the MITRE ATT&CK® Framework.

Providing you with the support you need to be at your best
Our Values, The KPMG Way
Integrity, we do what is right | Excellence, we never stop learning and improving | Courage, we think and act boldly | Together, we respect each other and draw strength from our differences | For Better, we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice.

Adjustments and accommodations throughout the recruitment process
At KPMG, we are committed to fostering an inclusive recruitment process where all candidates can be themselves and excel. We aim to provide a positive experience and are prepared to offer adjustments or accommodations to help you perform at your best. Adjustments (informal requests), such as extra preparation time or the option for micro breaks during interviews, and accommodations (formal requests), such as accessible communication supports or technology aids, are tailored to individual needs and role requirements. You will have an opportunity to request an adjustment or accommodation at any point throughout the recruitment process. If you require support, please contact KPMG's Employee Relations Service team by calling 1-888-466-4778.

About KPMG

KPMG LLP is the Canadian member firm of KPMG International. We provide Audit, Tax, and Advisory services to many of the public and private business, not-for profit, and public sector organizations in Canada. Nationally, there are 40 offices and over 700 partners and 7,000 employees working together to help Canadian businesses achieve their goals. Leveraging the skills, knowledge and passion of our firm and our people allows us to serve our clients with uncompromising professionalism, cutting through complexity to provide valuable insight—in Canada and around the world. KPMG s.r.l./S.E.N.C.R.L. est le cabinet canadien membre de KPMG International Cooperative (« KPMG International »). Nous offrons des services professionnels en audit et en fiscalité ainsi que des services-conseils à une vaste clientèle composée notamment de sociétés ouvertes et fermées, d’organismes sans but lucratif et d’organisations du secteur public au Canada. KPMG compte 40 bureaux à l’échelle nationale, au sein desquels collaborent plus de 700 associés et 7 000 employés pour aider les sociétés canadiennes à atteindre leurs objectifs. Nous misons sur les compétences et le savoir-faire de notre équipe pour servir nos clients − au Canada et ailleurs dans le monde − avec rigueur et professionnalisme. Notre mission première : simplifier la complexité en proposant des perspectives éclairantes.

Industry

Banking & Finance

Company Size

5001-10,000 employees

Application closing date is 2025-09-28

Interested in jobs like this?

Sign up for email alerts
Get job alerts

Work with our Featured Employers

M space man icon M
Watch now
H O T Marketing. Tips. Sauce.
Marketing On Mars Podcast Full episodes twice per month
Job successfully reported

Thank you for helping us identify suspicious behaviour.