Assistant Manager/Manager – RC – Emerging Tech Risk & Cyber (Penetration Testing) Assistant Manager/Manager – RC – Emerging Tech  …

in Petaling Jaya, Malaysia
Permanent, Full time
Be the first to apply
in Petaling Jaya, Malaysia
Permanent, Full time
Be the first to apply
Assistant Manager/Manager – RC – Emerging Tech Risk & Cyber (Penetration Testing)
KPMG's Risk Consulting Advisory team provides in-depth IT guidance and support, from strategic planning and implementation, governance structure assistance, and project management to information protection and system assurance.

Through our full range of services, our Risk Consulting Advisory professionals help provide clients confidence on their IT delivery and the true potential of technology investments and provide them with the information they need to meet their strategic and financial goals.

Responsibilities :
As part of our regional and global security team, you will be responsible for:
• Management and delivery of the penetration testing and security assessment projects. The projects include:
o Penetration testing using automated tools and manual techniques
o Mobile and web application penetration testing
o Network penetration testing
o Host and database assessment and security configuration review
o Wireless security assessment
o Network security architecture design review
o Source code security reviews
o Cyber security maturity assessment
• Resource management for various projects
• Review and quality assurance of deliverables
• Supervision of associates and senior associates working on projects
• Professional development and coaching of team members
• Coordinating methodology development and updates and overall improvement of delivery of projects
• Participating in business development activities which includes preparation of proposals and presentations
• Acting as subject matter expert in cyber security
• Supporting the service line leader in strategic initiatives
• Ability to identify new emerging threats and trends in terms of security testing

Requirements :

• Possess strong enthusiasm and interest in information security
• Able to document technical information for executive level reporting and presentation
• Good communication, presentation, interpersonal, and stakeholder management skills
• Independent, self-motivated, organized, and results oriented individuals capable of handling multiple tasks and achieving tight deadlines
• Strong analytical and management skills
• Excellent understanding of security controls and their relation to project delivery; security standards and guidelines (CIS, OWASP), etc
• Ability to multiple tasks and meet tight deadlines


• At least 6 to 8 years' experience in information security and testing, out of which at least 3-4 in team lead and / or team management role
• Exposure to a range of industries would be ideal, but not essential. Likely industry exposure will include government, health, energy & natural resources, manufacturing and finance.


• A Bachelor's Degree in Computer Science,/Information Technology/Engineering/any related field.
• Candidates with the following certifications would have an advantage:
o Certified Information Security Manager (CISM)
o Certified Information Systems Security Professional (CISSP)
o Certified Ethical Hacker (CEH)
o Offensive Security Certified Professional (OSCP)
o Relevent SANS training/certifications