Sr. Associate, Cyber Security at KPMG
Location: San Francisco
Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today’s most important industries. Our growth is driven by delivering real results for our clients. It’s also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it’s no wonder we’re consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you’re as passionate about your future as we are, join our team.
KPMG is currently seeking a Senior Associate in Technology Enablement for our practice.
• Demonstrate understanding of business processes and risk management in areas such as cyber security, cloud security, cloud governance and compliance, DevOps, cloud data protection, cloud monitoring and incident response, enterprise security architecture, technology risk management, and others
• Establish a strong knowledge of enterprise cloud environments and cloud service provider platforms including Microsoft Azure, AWS, and Google Cloud Platform and their embedded security, as well as multi-cloud security management technologies; communicate this information to the engagement team and client management through written correspondence and verbal presentations
• Plan and execute client engagements focusing on assessment, review, design and/or implementation of Cloud infrastructure/platform/software security; identify improvement opportunities in the areas of process efficiency and security including role-based security and identify and access management based on KPMG’s methodology for cloud environments
• Identify and evaluate complex business and technology risks and remediation methods to mitigate risks
• Stay current with trends in this emerging space and enhance KPMG’s existing methodology for cloud security and controls engagements
• A minimum of three years of experience in any of the following areas: cloud security assessment and strategy; cloud compliance; solution architecture and design with emphasis on security, security operations and integration with cloud IaaS/PaaS/SaaS security platforms such as AWS, Google Cloud Platform, Microsoft Azure and Workday; IT risk management
• Bachelor’s degree or equivalent work experience
• Possess baseline security certification such as CISM/CISSP/GSEC/CISA/cloud certification for Microsoft Azure/AWS/Google Cloud Platform or studying towards attaining the certification
• Excellent written and verbal communication, facilitation, and presentation skills
• Ability and willingness travel
KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The contains further information regarding the firm’s compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.
KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).
For Remote Sr. Associate, Cyber Security roles, visit Remote Sr. Associate, Cyber Security Roles
Information Security Analyst at Collabera
Location: San Jose
Job Title: Information Security Analyst
Work Location: San Jose-CA-USA (Hybrid Remote)
Duration: 24+ Months Contract, Possible Extension up to 30 Months.
MUST HAVE SKILLS:
• * Bachelor’s degree in Computer Science or related fields
• Six or more years of relevant work experience.
• Experience with performing security requirements analyses to secure the deployment of large globally distributed cloud-based and/or mobile-embedded platforms.
• Experience with OWASP Top 10 vulnerabilities and Cryptographic Algorithms: (PKI), X.509 Public Key Certificates, authentication protocols, and transport layer security, OID, OAuth, SAML.
• Development experience in C++/C, Swift, Java, Scala, Python or other languages and the ability to solve complex operational issues.
• * Master’s degree in Computer Science or equivalent engineering experience.
• Direct experience with implementing Security Services and tools in AWS such as GuardDuty, Macie, CloudTrail, CloudWatch, KMS, Compute (e.g., EC2, GCE)..
• Experience with storage technologies such as: S3, Networking: VPC, IDS/IPS, WPA, firewalls, reverse proxies, Load Balancers, Security Groups/List.
• Experience with configuration tools: AWS Config, AWS Inspector, SDK/CLI.
• Vulnerabilities tools: Prisma Cloud, Crowdstrike, etc.
• Experience Container Security experience with Docker, ECS, Kubernetes.
• Experience with configuration languages/IaaC: JSON, CloudFormation Terraform
• Experience with SDLC for mobile platforms including use of obfuscation techniques,
• Reverse Engineering and Tamper Resistant software development on Mobile Platform.
• Understanding of various types of Exploits, Threat Modeling, and Attack surfaces
• Experience with IT Security Frameworks such as NIST, ISO27001, PCI, DSS, FedRAMP
One or more of the following certifications: AWS Certified Solutions Architect (professional), AWS Certified Security (Specialty), CSA Certificate of Cloud Security
• Knowledge (CCSK), ISC2 Certified Cloud Security Professional (CCSP), CISSP.
Information Security Analyst,Cryptographic Algorithms,OWASP,(PKI), X.509 Public Key Certificates, authentication protocols,AWS Certified Security (Specialty), CSA Certificate of Cloud Security Knowledge (CCSK), ISC2 Certified Cloud Security Professional (CCSP), CISSP. – provided by Dice
For Remote Information Security Analyst roles, visit Remote Information Security Analyst Roles