You're using an older version of Internet Explorer that is no longer supported. Please update your browser.
KPMG

Senior Consultant - Cyber Response

Posted A month ago

Job Details

Category

Location

Job Description

Overview
At KPMG, you'll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

We are looking for a talented individual at the Consultant/Senior Consultant level to join KPMG's Cyber Response practice based in Toronto, Ontario. The successful individual will be driven, and results oriented, with a strong focus on client relationships. This individual will possess a strong interest in computer forensics and cyber incident response analysis.

KPMG's Cyber Response team is one which has received tremendous investment and has been identified as a transformational part of the firm to deliver growth over the next five years. It is an excellent opportunity for those that are looking to work in a firm with unparalleled career progression opportunities.

What you will do
  • Gather, analyze and maintain data to support investigative, risk and mitigation efforts.
  • Lead computer and network forensic investigations and cyber incident response engagements through log analysis, malware triage, binary reverse engineering.
  • Independently perform digital forensic analysis on various platforms and mobile devices utilizing various forensic tools such as, but not limited to, EnCase, Magnet Axiom and Cellebrite.
  • Utilize and analyze results from incident response and forensic tools to assess host and network-based artifacts.
  • Develop incident investigation and digital forensic reports articulating technical investigations.
  • Leverage out-of-the-box thinking to tackle and overcome client challenges.
  • Contribute to continued development of the Cyber Response team, supporting internal development opportunities and process enhancement.
  • Actively contribute to thought leadership and business development campaigns.
  • Remain up to date on computer forensic and cyber incident trends and technologies through testing and research.
  • Fulfill regular on-call responsibilities.
What you bring to the role
  • Undergraduate degree in Computer Science, Information Technology, or related field.
  • A minimum of three years of previous incident response or CSIRT experience is desired.
  • Hands-on experience with various security tools including log management, web proxies, endpoint protection platforms, etc. is preferred.
  • Completion of relevant certifications such as GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensic Analyst (GNFA) or EnCase Certified Examiner (EnCE), CCFP ISC(2) or similar.
  • Minimum of two years of experience with using forensic software applications (e.g. EnCase, FTK, Autopsy, Magnet Axiom, Cellebrite, Wireshark, OpenVAS, Snort, Magnet IEF/Axiom) and techniques to capture electronic data from computers, external media, networks and mobile data devices.
  • Experience in an advisory or external consulting capacity or as a corporate incident response handler will be a plus.
  • Hands-on computer forensic experience such as Windows, Unix and or/Linux disk and memory forensics, Host and Network-based security monitoring, traffic and log analysis and static and dynamic malware analysis in support of incident response investigations and possible litigation with an understanding of evidence handling procedures.
  • Familiarity with Endpoint Detection and Response (EDR) tools such as CrowdStrike, CarbonBlack, Windows Defender for Endpoints and/or SentinelOne.
  • Familiarity with Splunk, Azure Sentinel, Qradar for incident response will be preferred.
  • Familiarity and up to date knowledge of common threat actor TTPs (tools, techniques and procedures) and how they relate to the stages of the MITRE ATT&CK® Framework. Familiarity with Internet security issues, cloud architectures, and threat landscape.
  • Knowledge of incident response for O365 and Google Workspace productivity tools will be considered a plus.
  • Knowledge of AWS, GCP and Azure cloud environments, and performing investigations in the cloud will be considered a plus.
  • Demonstrate technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.
  • Demonstrate passion to learn and thrive in a dynamic and constantly changing environment
  • Demonstrated strong knowledge of web protocols, common attacks, and an in-depth knowledge of Linux/Unix tools and architecture.

Providing you with the support you need to be at your best
Our Values, The KPMG Way
Integrity, we do what is right | Excellence, we never stop learning and improving | Courage, we think and act boldly | Together, we respect each other and draw strength from our differences | For Better, we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice.

Adjustments and accommodations throughout the recruitment process
At KPMG, we are committed to fostering an inclusive recruitment process where all candidates can be themselves and excel. We aim to provide a positive experience and are prepared to offer adjustments or accommodations to help you perform at your best. Adjustments (informal requests), such as extra preparation time or the option for micro breaks during interviews, and accommodations (formal requests), such as accessible communication supports or technology aids, are tailored to individual needs and role requirements. You will have the opportunity to request an adjustment or accommodation at any point throughout the recruitment process. You will have an opportunity to request an adjustment or accommodation at any point throughout the recruitment process. If you require support, please contact KPMG's Employee Relations Service team by calling 1-888-466-4778.

About KPMG

KPMG LLP is the Canadian member firm of KPMG International. We provide Audit, Tax, and Advisory services to many of the public and private business, not-for profit, and public sector organizations in Canada. Nationally, there are 40 offices and over 700 partners and 7,000 employees working together to help Canadian businesses achieve their goals. Leveraging the skills, knowledge and passion of our firm and our people allows us to serve our clients with uncompromising professionalism, cutting through complexity to provide valuable insight—in Canada and around the world. KPMG s.r.l./S.E.N.C.R.L. est le cabinet canadien membre de KPMG International Cooperative (« KPMG International »). Nous offrons des services professionnels en audit et en fiscalité ainsi que des services-conseils à une vaste clientèle composée notamment de sociétés ouvertes et fermées, d’organismes sans but lucratif et d’organisations du secteur public au Canada. KPMG compte 40 bureaux à l’échelle nationale, au sein desquels collaborent plus de 700 associés et 7 000 employés pour aider les sociétés canadiennes à atteindre leurs objectifs. Nous misons sur les compétences et le savoir-faire de notre équipe pour servir nos clients − au Canada et ailleurs dans le monde − avec rigueur et professionnalisme. Notre mission première : simplifier la complexité en proposant des perspectives éclairantes.

Industry

Banking & Finance

Company Size

5001-10,000 employees

Application closing date is 2025-01-19

Current Openings

Back to search detail

Interested in jobs like this?

Sign up for email alerts
Get job alerts

Work with our Featured Employers

M space man icon M
Watch now
H O T Marketing. Tips. Sauce.
Marketing On Mars Podcast Full episodes twice per month
Job successfully reported

Thank you for helping us identify suspicious behaviour.