Information Protection & Business Resiliency - Manager

  • Competitive
  • Singapore
  • Permanent, Full time
  • KPMG Services Pte Ltd
  • 20 Jan 17



KPMG Information Protection & Business Resiliency (IPBR) professionals assist clients to address their concerns around Confidentiality, Integrity, Availability and Privacy of their technology, business systems, and information assets.

Using a holistic view of how Technology and Business integrate, IPBR performs technology-risk focused assessments, technology compliance, IT/operational process reviews, and design of information risk & security solutions.

The IPBR practice focuses on the following three disciplines:

- Technology Risk and Outsourcing Governance - this discipline covers IT-Business related consulting over how an organisation manages technology risk and governs its outsourcing. This involves review, re-design and implementation of controls over the organisation's IT environment. Topics include system development, project management, business or IT outsourcing, business continuity management, information security, incident management, and user access management.

- Cybersecurity - this discipline covers designing and implementing Cybersecurity frameworks; Cyber maturity assessments; organisational design for Information Security; design and rollout of information security processes such as Incident Management, Intrusion Detection, and Security Monitoring.

- Ethical Hacking - this discipline covers vulnerability assessment, application and network penetration testing, wireless security, mobile security, and system security testing.

Successful candidates will have the opportunity to work in a fast growing and challenging environment with like-minded people who are eminent in their respective fields.

The role involves planning, managing, and delivering cyber security assessment and penetration testing projects across the region. You will also be involved in expanding our existing Information Security Assessment services and managing a team of penetration testers.

Your responsibilities will include the following:


  • Build and manage good client relationships

  • Actively identify and support business development opportunities, which includes supporting the team with sales activities such as proposal writing and client presentations

  • Work in a collaborative team to manage and deliver information security assessment, testing and compliance advisory services

  • Develop internal networks and maintain excellent relationships with colleagues across the firm, particularly in the wider IT Advisory areas

  • Identify and resolve complex issues and develop innovative solutions for clients

  • Coach and develop team members as part of the firm's overall Performance Management process or on specific engagements

  • Contribute to practice management, e.g. training, knowledge management

  • Work with high profile clients on a variety of local and international engagements

  • Be responsible for all deliverables within the client engagement

The ideal candidate should:


  • Possess a recognised Degree in Computer Science, Information Technology, Engineering (Computer/Electronics), or a related discipline

  • Have a good working knowledge of information security principles, techniques and standards

  • Have at least 5 years of experience in the areas below:

      - Performing vulnerability assessment and penetration testing

      - Managing clients and delivering IT security related projects


  • Have strong analytical, problem solving and inter-personal skills

  • Have excellent written and oral communication skills with the ability to present ideas and results to technical and non-technical audiences

  • Be willing to travel on regional and international assignments (occasionally)

  • Have prior consulting experience in IT risk assessment or IT security

  • Preferably possess professional certifications such as CISSP or other relevant qualifications